1. Introduction
Inivos Consulting (Pvt) Ltd & Inivos Technology (Pvt) Ltd ("Inivos", "we", "our", or "us") takes privacy and data protection seriously. This Privacy Policy describes how we collect, process, share, store, and protect personal data obtained through our website, business operations, client engagements, vendor management, office visits, and physical or digital interactions.
3. Scope of this Privacy Policy
This privacy policy applies to all websites, systems, services, and communications operated by Inivos Consulting (Pvt) Ltd & Inivos Technology (Pvt) Ltd that reference this document. This policy covers personal data collected from:
a) Website Users & Online Forms
• IP address, browser, device type
• Cookie identifiers & preferences
• Pages visited, clickstream, time spent
• Contact form submissions (name, email, phone, message content)
b) Newsletter Subscriptions
• Name
• Email address
c) Recruitment Activities
Please click here to view our recruitment activities.
d) Office Visitors (Physical Premises)
• Name, National ID or Passport Number
• Contact number & email
• Company name & designation
• Purpose of visit & host contact
e) Client Onboarding
• Name & designation of signatory
• Company registration documents
• National ID or passport (if applicable)
• Tax ID information
• Business & financial credentials
• Contact and billing information
f) Supplier & Vendor Onboarding
• Business registration & shareholder information
• Financial credentials (depending on thresholds)
• Bank account details
• Procurement & compliance certificates
• Contact details of authorized representatives
g) Marketing & Events
• Event registrations & attendance records
• Communication preferences
• Photographs and media content (when consented)
5. Purpose for Processing Your Data
We process personal data for the following purposes:
We may collect data directly or from third-party sources such as business databases, enrichment tools, or public profiles (e.g., LinkedIn), strictly for business engagement purposes.
Users submitting data via forms must opt-in to marketing (where applicable). Consent is obtained via checkboxes or affirmative action.
7. Data Sharing & Disclosure
We may disclose data to:
• Third-party service providers
• Auditors, accountants, lawyers
• Regulatory and supervisory authorities
• Government agencies
• Corporate transaction entities (merger/acquisition)
8. International Transfers
We ensure protection using:
• Standard Contractual Clauses (SCCs)
• Data Processing Agreements
• Role-based access controls and encryption (at rest & in transit)
• Microsoft Azure infrastructure safeguards
• Security audits and employee training
9. Data Retention
• Business inquiries: up to 24 months from last contact
• Visitor logs: 12 months
• Marketing: until consent is withdrawn
• Client/vendor data: as per statutory requirements
• Contracts & records: minimum 7 years (per Sri Lankan laws)
10. International Data Considerations
We comply with Sri Lanka’s Personal Data Protection Act No. 9 of 2022.
For international users (e.g., EU, UK, U.S.):
• We implement GDPR-aligned practices
• Use SCCs and secure encryption
• You may lodge complaints with local authorities or Sri Lanka’s DPA
11. Cookies & Tracking Technologies
We use cookies to enhance your experience.
Types:
• Essential cookies (website functionality)
• Analytics cookies (usage insights)
• Marketing cookies (relevant ads)
You can manage cookies through browser settings or our consent tool.
12. Third-Party Links
Our website may link to external sites. This Privacy Policy does not apply to those. We encourage reviewing their privacy policies before engagement.
13. Data Subject Rights
You have the right to:
• Access, correct, or delete your data
• Restrict or object to processing
• Withdraw consent
• Data portability
• File complaints with Data Protection Authorities
To exercise your rights, contact info@inivosglobal.com. We respond within 3 working days and resolve within 21 calendar days.
14. Children’s Privacy
We do not knowingly collect data from individuals under 16.
15. Updates to This Policy & Questions
This policy may be updated to reflect legal or operational changes. Material changes will be announced via our website.
In the event of a data breach, we will notify affected individuals and authorities as required. Inivos also maintains internal training and awareness programs for data protection.
For recruitment-specific privacy details, click here.
16. Contact Us
If you have questions about this Privacy Policy or how we handle data:
