Privacy Policy

Effective Date: 2026/02/12
Last Updated: 2026/02/12

1. Introduction

The Skinfinity Sri Lanka (“Skinfinity”, “we”, “us”, “our”) is committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you:

  • Visit our website
  • Book appointments or purchase services
  • Communicate with us
  • Interact with our advertisements on platforms such as Facebook and Instagram

We process personal data in accordance with Sri Lanka’s Personal Data Protection Act (PDPA) and other applicable laws.

2. Information We Collect

We may collect the following categories of information:

2.1 Personal Identification Information

  • Full name
  • Email address
  • Phone number
  • Postal address
  • Date of birth (if required for services)

2.2 Health & Treatment Information (Sensitive Personal Data)

To provide safe and appropriate treatments, we may collect:

  • Medical history
  • Skin conditions
  • Allergies
  • Treatment records
  • Photographs (including before-and-after images, where consent is provided)

This information is collected only with your explicit consent and handled with enhanced confidentiality safeguards.

2.3 Transaction & Booking Information

  • Appointment details
  • Purchase history
  • Membership or package details
  • Payment confirmation information (processed securely by payment providers)

We do not store full credit/debit card details on our systems.

2.4 Technical & Usage Information

When you visit our website, we may automatically collect:

  • IP address
  • Browser type and version
  • Device type
  • Pages visited
  • Date and time of visit
  • Referral sources

2.5 Advertising & Tracking Data

We may use tracking technologies including:

  • Meta Pixel (Facebook/Instagram)
  • Google Analytics
  • Other remarketing tools

These tools may collect information about your interactions with our website and advertisements.

3. How We Use Your Information

We use your personal data for the following purposes:

  • To schedule and manage appointments
  • To provide treatments and services safely
  • To process payments and memberships
  • To communicate appointment confirmations and reminders
  • To respond to inquiries
  • To improve our website and customer experience
  • To detect and prevent fraud or misuse
  • To comply with legal obligations
  • To send marketing communications (only where you have provided consent)

We will not use your personal data for purposes unrelated to those described in this Policy without your consent.

4. Legal Basis for Processing

Under applicable law, we process personal data based on:

  • Your consent
  • Performance of a contract (e.g., providing treatments)
  • Compliance with legal obligations
  • Legitimate business interests, provided they do not override your rights

Sensitive health information is processed only with explicit consent or as required for safe treatment delivery.

5. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Ensure proper website functionality
  • Understand website usage
  • Improve performance
  • Measure advertising effectiveness
  • Support remarketing and targeted advertising

We may use tools such as Meta Pixel to:

  • Track ad performance
  • Deliver relevant advertisements
  • Measure conversion events

These tools may collect IP address, device information, and browsing behavior.

You can manage cookie preferences through your browser settings.
You may also control advertising preferences through your Facebook, Instagram, or Google ad settings.

6. Marketing Communications

We may send promotional emails, SMS messages, or advertisements if you have:

  • Opted in to receive marketing communications, or
  • Previously engaged with our services (where permitted by law)

You may unsubscribe from marketing communications at any time by:

  • Clicking the “unsubscribe” link in emails
  • Contacting us directly

7. Data Sharing & Third Parties

We may share your data with trusted third-party service providers, including:

  • Payment processors
  • Appointment scheduling platforms
  • Email and SMS service providers
  • Analytics providers (e.g., Google Analytics)
  • Advertising platforms (e.g., Meta Platforms Inc.)
  • Legal authorities where required by law

We require all third parties to maintain appropriate data protection and confidentiality standards.

We do not sell personal data.

8. International Data Transfers

Some of our service providers may process data outside Sri Lanka.

Where personal data is transferred internationally, we ensure appropriate safeguards are implemented in accordance with applicable law.

9. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfill the purposes described in this Policy
  • Comply with legal, tax, or medical record retention requirements
  • Resolve disputes and enforce agreements

When data is no longer required, it will be securely deleted or anonymized.

10. Data Security

We implement reasonable technical and organizational measures to protect personal data from:

  • Unauthorized access
  • Loss
  • Misuse
  • Alteration
  • Disclosure

While we strive to protect your data, no method of internet transmission is completely secure.

11. Your Rights

Subject to applicable law, you may have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Restrict or object to certain processing
  • Withdraw consent at any time (where processing is based on consent)

To exercise your rights, contact us using the details below.

12. Children’s Privacy

Our services and website are not directed at individuals under 18 years of age.

We do not knowingly collect personal information from minors without verified parental or guardian consent.

If we become aware that we have collected personal data from a minor without appropriate consent, we will take steps to delete such information.

13. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those external sites.

14. Policy Updates

We may update this Privacy Policy from time to time.
Updates will be posted on this page with a revised “Last Updated” date.

15. Contact Information

If you have questions about this Privacy Policy or your personal data, please contact:

The Skinfinity Sri Lanka
Email: theskinfinitysrilanka@gmail.com
Phone: +94 74 412 5703
Address: 277/7 Nawala Avenue Nawala