icon icon icon icon icon
banner-image overlay

Privacy Notice

Learn how we protect your personal information and ensure your privacy every step of the way.

Privacy Notice | Singer Finance (Lanka) PLC

Singer Finance (Lanka) PLC is committed to protecting personal data of our business customers, business partners and suppliers, visitors, applicants, candidates. This notice sets out how Singer Finance uses any information collected from you and how we protect the information gathered when using our wide range of products including this website (www.singerfinance.com), Online Banking Portal (www.singerfinonline.com), Online Payment Gateway (www.singerfinanceipg.com), social media & Mobile Applications. Further by the means of this notice, we would like to showcase our adherence to Personal Data Protection Act, No. 9 of 2022 of Sri Lanka.

How we collect information

Generally, we collect personal information directly from you. Information is collected from you when you request/apply for a product or a service from us. We may also collect information using the following methods also. Advertising/Marketing campaigns, by conducting online and offline surveys, through direct emails received from you, by the response received to our campaigns, through information gathered from our websites and mobile apps, direct interactions in person with our staff/agents when you visit Singer Finance branches.

We also may collect information using third party services such as:

  • Referees and guarantors, you have listed in the application when applying for services,

  • Credit Information Bureau (CRIB)

  • Website usage

  • Mobile app usage

If you provide us with personal data of other individuals, you hereby represent that you have obtained consent from that individual prior to providing their personal data to us.

Our site uses forms that allow customers to sign up, log in, apply for products, and request information. We collect contact information such as name, employee details, job title, telephone numbers, national identification numbers, address/location, and email addresses. The contact information collected through these forms is used to get in touch with the customer when necessary.

What we collect

The types of personal data we collect or obtain may vary according to our relationship with a data subject and may include the following:

A. For Business Customers

  • contact information (such as name, address, email address and telephone number)

  • identification information (such as national identification number, passport identification number, tax registration number, driving license number, date of birth)

  • banking information (such as account information, burrowing information and banking transactions/statements)

  • customer compliance information (such as Politically Exposed Persons (PEPs), which may reveal political opinions, including job titles and political parties or organizations).

  • sensitive personal information (such as criminal convictions; and personal data relating to a child).

B. For Business Partners and Suppliers

  • contact information (such as name, address, email address and telephone number)

  • identification information (such as national identification number, passport identification number, tax registration number, driving license number, date of birth)

  • business information (such as name of organization, job title, department, business address, organization structure, shareholding, directorship)

  • any recordings captured through our communication platform(s) (such as telephone recordings, Microsoft Teams, Zoom, etc.)

  • details contained in business registration documents, third-party due diligence documents, trade references and credit checks.

  • financial details including banking account details and bank account statements.

C. For Visitors to Any of Our Premises or Events

  • contact information (such as name, address, email address and telephone number)

  • identification information (such as national identification number, passport identification number, etc.)

  • business information (such as name of organization, etc.)

  • reason for visit

  • date and time of visit

  • biometrics and facial recognition

  • security notes (special instructions and access restrictions)

  • any photographic and/or video footage captured or recorded by our surveillance camera (CCTV) system or any other recording system.

  • It is obligatory for you to supply such personal data if you enter any of our premises or attend any of our events.

D. For Applicants, Candidates and Beneficiaries

  • contact information (such as name, address, email address and telephone number)

  • identification information (such as national identification number, passport identification number, date of birth and any other identification information)

  • demographic information (such as age range, marital status, gender, etc.)

  • financial information (such as parents’ incomes, beneficiaries’ incomes, bank account name and number, etc.)

  • education information (such as field of studies, university, country of study, academic scores and achievements, professional certifications, etc.)

  • employment information (such as employer name, address, email address, telephone number, position employed, employment tenure, etc.)

  • any photograph(s) or video footage(s) submitted to us (such as profile pictures, contest submissions, etc.)

  • customer compliance information (such as Politically Exposed Persons (PEPs), which may reveal political opinions, including job titles and political parties or organizations).

  • sensitive personal information (such as criminal convictions; and personal data relating to a child).

Children’s Personal Data

We do not knowingly collect personal data of individuals under the age of 18 without the verified consent of a parent or legal guardian. Where such data is required, additional safeguards are in place to ensure lawful and responsible handling in accordance with the Personal Data Protection Act.

Additional sensitive personal data that we may collect:

  • Health information

Additional sensitive personal data that we collect.

We may, during times of crisis such as war, terrorism, riots, natural disaster, or health crisis/disease outbreak, collect:

  • health and physical condition

  • health condition of individuals in your household

  • result of your health test(s) if any

  • whether you are or were in self-isolation when you are or were unwell

  • body temperature

It is obligatory for you to supply such additional sensitive personal data if you enter any of our premises or attend any of our events during such times of crisis.

Why we collect personal information

  • To communicate with you and respond to your queries, feedback, and complaints.

  • Meet our legal obligations

  • To assess your credit worthiness 

  • To process your application for the services we provide

  • Training and development purposes to elevate the service standards

  • For research and development purpose in order to improve our service levels

Security of information collected

Singer Finance will not use the information received through www.singerfinance.com, www.singerfinonline.com, www.singerfinanceipg.com, its affiliated social media pages, mobile applications, information collected directly or using third parties for any purpose other than for the purpose mentioned in this policy and will not divulge information received to any third party, in any form.

We may collect and store your personal data in electronic and/or physical form, depending on the requirement. Information may be stored at our and third-party premises within IT Systems (e.g., external cloud storages, internal or third-party management systems, e-mails, databases, hard drives), document warehouses, etc.

We endeavor, where practicable, to process your personal data in a safe environment by preventing any unauthorized or unlawful processing of personal data or accidental loss or destruction of, or damage to, such information. We have implemented various physical, technical, and administrative security measures to protect your personal data and our network from unauthorized access. Some of these measures include:

  • encryption of data in transit or at rest

  • strict adherence to privacy and security practices

  • periodic security assessment and reviews to upgrade our practices.

  • restriction of access to personnel who have a need to know such data.

  • conduct Data Protection Impact Assessments (DPIAs) on processing activities that are likely to result in a high risk to your rights and freedoms

While we take reasonable measures to protect your personal data, we encourage you to also take appropriate steps to safeguard your information; such as protecting your login credentials, securing your devices, and informing us promptly of any suspected unauthorized activity. These precautions help us maintain a secure environment for your data.

Where we engage third-party service providers to process personal data on our behalf (e.g., software vendors, infrastructure providers), we ensure that such processors are contractually bound to comply with our data protection standards.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay and report the incident to the Data Protection Authority as required under applicable laws. We will also provide you with relevant information about the breach and any steps you can take to mitigate potential harm.

Retention of information collected

We retain your personal data only for as long as it is necessary to fulfill the purposes for which it was collected. Retention periods may vary based on legal, regulatory, and operational requirements. In some cases, we may retain data for a longer period if required by law or regulation, and it will be securely deleted once it is no longer needed for those purposes. Subject to applicable laws, we may also retain data for a shorter period if you object to its processing and there is no overriding legal basis to continue.

Your rights on information collected

We respect your rights and privacy by taking steps to ensure that your personal data is accurate, complete, not misleading, and up to date. In compliance with the Personal Data Protection Act, No. 9 of 2022 of Sri Lanka, we assure you that:

  • you have the right to know what personal data we have about you.

  • you have the right to request a copy of your personal data.

  • you have the right to correct your personal data to ensure it is accurate, complete, not misleading, and up to date.

  • you have the right to withdraw your consent from our processing of your personal data.

  • you can also ask us to restrict how we use your personal data where it is likely to cause damage or distress.

  • you have a right to prevent processing of your personal data for purposes of direct marketing.

  • you also have the right to lodge a complaint with the Data Protection Authority of Sri Lanka, if you believe that your personal data has been handled in a manner that violates the provisions of the Personal Data Protection Act, No. 9 of 2022.

Automated Decision Making and Profiling

In certain cases, we may use automated systems to make decisions about you, including credit scoring and risk assessment, particularly in the context of evaluating financial product eligibility. Where such decisions are made:

  • You have the right to request that any decision made solely by automated means be reviewed by a human.

  • You may contest the decision and express your point of view.

We ensure that such profiling and decision-making processes are fair, transparent, and subject to regular review.

Trademarks

Singer Finance Lanka PLC referenced in this site are registered trademarks of Singer (Sri Lanka) PLC.

Copyrights

All materials, that are part of this site are copyrights & / or other intellectual property owned, controlled, or licensed by Singer (Sri Lanka) PLC or its suppliers & protected by copyright laws.

Contact Information for inquiries

If you have any questions or enquiries about this notice, our privacy and information handling practices, or would like to exercise your rights as data subjects, kindly reach out to:

Data Privacy Officer:

E-mail: sfldpo@singersl.com

Updates to the Privacy Notice

We reserve the right to amend, modify, vary, or update this Privacy Notice, at our sole discretion from time to time, as and when the need arises. The most recently published Privacy Notice shall prevail over any of its previous versions. You are encouraged to check this Privacy Notice from time to time to stay informed of any changes. You agree to adhere to the terms of the Privacy Notice including any variations.

Cookie Policy | Singer Finance (Lanka) PLC

This Cookie Policy explains how Singer Finance (Lanka) PLC ("we", "our", or "us") uses cookies and similar tracking technologies on our websites and applications (collectively, the "Site"). This policy is provided in compliance with the Sri Lanka Personal Data Protection Act, No. 9 of 2022 ("PDPA").

We are committed to transparency and your privacy. This policy explains:

  • What cookies are,

  • What types of cookies we use and why,

  • How you can manage or disable cookies.

What Are Cookies?

Cookies are small text files that are placed on your device (computer, smartphone, tablet) when you visit a website. They help us improve your browsing experience by remembering your preferences, enabling certain functionality, and analyzing how you interact with the Site.

Cookies can be:

First-party cookies – set by our own website.

Third-party cookies – set by external services we use (e.g., analytics providers).

Types of Cookies We Use

Cookie Type

Purpose

Examples

Retention

Strictly Necessary

Essential for basic website functionality.

Session login, CSRF tokens

Session-only

Performance / Analytics

Understand user interactions on the site.

Google Analytics

13 months

Marketing / Targeting

Track activity for ads or offers.

Facebook Pixel, Google Ads

Up to 24 months

We do not set marketing cookies without your prior consent.

Legal Basis for Using Cookies

We rely on:

  • Legitimate interest to use strictly necessary cookies,

  • Your consent for all other cookie types (e.g., analytics, marketing), as required under PDPA Section 8.

How to Manage Cookies

You can:

  • Disable cookies through your browser settings. Refer to your browser's help section for instructions.

Note: Disabling cookies may affect site functionality.

Profiling and Automated Decision Making

Some cookies may be used to create user profiles or deliver personalized content. We ensure any such profiling is fair, transparent, and subject to your consent. You have the right to object to profiling under the PDPA.

Your Rights

Under the Sri Lankan PDPA, you have the right to:

  • Be informed about how your data is collected and used,

  • Access your personal data,

  • Withdraw your consent,

  • Object to data processing, including for direct marketing or profiling.


You may exercise these rights at any time by contacting us at dposfl@singersl.com.

You also have the right to lodge a complaint with the Data Protection Authority of Sri Lanka if you believe your data has been misused.

Changes to This Cookie Policy

We may update this Cookie Policy from time to time. We encourage you to review this page regularly to stay informed about how we use cookies.

Contact Us

If you have any questions or concerns about our use of cookies, or wish to exercise your rights, please contact our Data Privacy Officer:

Email: dposfl@singersl.com