Privacy Policy

Last Updated: July 29, 2025

 

1. Introduction

 

Welcome to Apple Mall (Pvt) Ltd (“AppleMall,” “we,” “us,” or “our”). We operate the e-commerce website https://www.applemall.lk (the “Service”).

Your privacy is of utmost importance to us. This Privacy Policy outlines how we collect, use, protect, and disclose your personal information when you use our Service. It also describes your rights regarding your data under Sri Lanka’s Personal Data Protection Act (PDPA).

By using our Service, you agree to the collection and use of information in accordance with this policy.

 

2. Information We Collect

 

We collect several types of information for various purposes to provide and improve our Service to you.

a) Information You Provide Directly:

  • Personal Identification and Contact Information: Your name, email address, phone number, and shipping/billing address when you create an account, place an order, or contact customer support.
  • Account Credentials: Your username and password for your AppleMall account.
  • Payment Information: Your credit/debit card details or other payment information. Please note, this is processed securely by our third-party payment gateway partners, and we do not store your full card details on our servers.

b) Information from External Services (e.g., Google):

  • Social Account Information: We may offer you the ability to sign up or log in using your Google or other social media accounts. If you choose to do this, we will receive certain profile information from that service, such as your name, email address, and public profile information. We use this information solely to create your account and pre-fill your contact details to simplify the registration and checkout process.
  • We will explicitly ask for your consent before accessing this information. The use of information received from external APIs will adhere to their respective user data policies, including any “Limited Use” requirements.

c) Information We Collect Automatically:

  • Usage Data: Information on how you access and use the Service, such as your computer’s Internet Protocol (IP) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data.
  • Cookies and Tracking Data: We use cookies (small files stored on your device) and similar tracking technologies to track activity on our Service and hold certain information. This helps us understand your preferences and improve your experience. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

 

3. How and Why We Use Your Data (Legal Basis)

 

We process your personal data based on the legal grounds provided by the PDPA of Sri Lanka:

  • To Fulfill Our Contract With You:
    • To process and deliver your orders.
    • To manage your account and provide you with our services.
    • To process your payments.
    • To provide customer support and respond to your inquiries.
  • With Your Explicit Consent:
    • To send you marketing and promotional materials via email or SMS, from which you can opt-out at any time.
    • To access your contact details from your social accounts (like Google) to simplify filling out forms.
  • For Our Legitimate Business Interests:
    • To monitor and analyze website usage to improve our Service’s functionality and user experience.
    • To prevent fraud and enhance the security of our Service.
    • To personalize your experience on our website.
  • To Comply with a Legal Obligation:
    • To meet any legal or regulatory requirements, such as for tax purposes or in response to lawful requests by public authorities.

 

4. Sharing and Disclosure of Your Data

 

We do not sell or rent your personal data to third parties. We may share your information with trusted partners who are contractually obligated to keep it secure and use it only for the purposes we authorize:

  • Delivery and Courier Services: To deliver your orders to your specified address.
  • Payment Gateway Providers: To securely process your payments.
  • Analytics Providers (e.g., Google Analytics): To help us understand and improve our Service.
  • Legal Authorities: If required by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect our rights or property, or ensure the safety of our users.

 

5. Data Retention and Security

 

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy and to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws).

We take the security of your data seriously and use appropriate technical and organizational measures, such as encryption, firewalls, and secure socket layer (SSL) technology, to protect it. However, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee its absolute security.

 

6. International Data Transfers

 

Your information, including personal data, is processed and stored primarily within Sri Lanka. If we transfer your data to a third country in the future (for example, for cloud storage or processing), we will ensure it is done in full compliance with the cross-border data transfer regulations stipulated in the Sri Lankan PDPA.

 

7. Your Rights Under the Personal Data Protection Act (PDPA)

 

As a user in Sri Lanka, you have the following rights concerning your personal data:

  • The Right to Access: You have the right to request copies of the personal data we hold about you.
  • The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete any information you believe is incomplete.
  • The Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
  • The Right to Withdraw Consent: You can withdraw your consent at any time where we rely on it to process your data.
  • The Right to Object to Processing: You have the right to object to our processing of your personal data for direct marketing or based on our legitimate interests.

To exercise any of these rights, please contact us at the details provided below.

 

8. Children’s Privacy

 

Our Service is not intended for use by anyone under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from children under 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

 

9. Changes to This Privacy Policy

 

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top of this policy. You are advised to review this Privacy Policy periodically for any changes.

 

10. Contact Us

 

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact our Data Protection Officer:

Apple Mall (Pvt) Ltd Email: info@applemall.lk

Brands Carousel