Menu
Close

CONTACT US

[email protected] | +94 11 262 7000
Haycarb
Menu
Close

CONTACT US

[email protected] | +94 11 262 7000
Haycarb
Contact

Privacy Policy

Introduction

Haycarb PLC and its subsidiaries (collectively referred to as “Haycarb,” “we,” “us,” or “our”) are committed to protecting the privacy and personal data of all individuals with whom we interact. This Privacy Policy operates within the overarching framework of the Haycarb Group Personal Data Protection Policy which outlines the commitment of Haycarb PLC and its subsidiaries to protect the privacy and security of personal and sensitive data that maybe processed by the Company of it’s employees, customers, suppliers contractors and the like. The Personal Data Protection Policy is in compliance with Sri Lanka’s Personal Data Protection Act and global standards like the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable regulations.

This policy applies across all Haycarb subsidiary companies, with specific privacy and cookie policies tailored for individual business verticals, accessible via their respective websites.

Scope of the Policy

This policy applies to all visitors to our digitally accessible channels and data collected through directly, automatically, or from third-party sources from these channels. It reflects our compliance with both global and local privacy regulations, such as:

  • Personal Data Protection Act No. 9 of 2022 (Sri Lanka).

  • General Data Protection Regulation (GDPR)/EU/EEA.

  • California Consumer Privacy Act (CCPA – USA).

  • Lei Geral de Proteção de Dados (LGPD – Brazil)

This policy is supplemented by periodic internal reviews and audits to ensure compliance with evolving legal standards and best practices. 

Data We Collect

We may collect various categories of personal data through our digital channels, including but not limited to:

Directly Provided Data 

  1.  Identity Data: Full name
  2.  Contact Data: Email address, phone number, physical address.
  3.  Financial Data: Bank account and payment details for transactional purposes.

Automatically Collected Data

  1.  Technical Data: IP addresses, browser type, device identifiers, and website interaction logs.
  2.  Usage Data: Behavioral data on websites and applications. (Pages visited, interactions with content, time spent on the website etc)
  3.  Location Data: General Geographic information collected through online tools based on your device settings.

How We Collect Data

Direct Interactions: When users interact with us on our Platforms (including one of our websites, sending us an email, fill out forms, register for services, apply for jobs or calling us) or interacting with Haycarb social media pages, we may collect the personal information you share with us.

Automated Technologies: Based on your device settings, Haycarb will automatically collect certain personal information (For example: If you start filling out a form but don’t complete it, Flash storage may remember your inputs for when you return. When you visit the Haycarb website, cookies may track your browsing activity, such as the pages you view, the time spent on the site, and the links you click. A cookie remembers your language preference, so you don’t have to select it every time you visit.)

When you interact with our Platform on any device, when you click on sponsored links or third-party ads to visit our Platform, and we may also collect personal information about you over time and across different websites, apps and devices when you use our Platform, using tracking technologies such as cookies, pixels, Flash objects, APIs and mobile software development kits (SDKs) and we may use third party services to collect this personal information when you use our Platform. We explain more about our use of cookies and other tracking technologies in the section called “Tracking Technologies, Interest-Based Advertising and Third-Party Tracking” below.

Third-Party Sources: Data from business partners or public records. We may receive personal information about you from third-party sources, such as our business partners, including online advertising networks, analytics vendors, social media sites, third-party sites, family, friends or others who provide your personal information to us because they think you might be interested in our products or services or they want to share a product or service with you, or companies that provide personal information to supplement what we already know about you, including data aggregators. Certain third parties might link your name or email address to other information they have collected. That might include past purchases made offline or online. It might also include online usage information collected by third parties and shared with us.

By Combining Personal Information : For example, we may combine personal information that we collect offline with personal information we collect through our Platform, combine personal information we collect about you from the different devices you use to access our Platform, or combine personal information we get from third parties with personal information we already have about you.

Children’s Privacy

Our services are not directed at children under the age of 18, and we do not knowingly collect personal data from them without parental consent. Parents or guardians who believe their child has provided personal data can contact our Data Protection Officer to request its deletion.

Purpose of Data Processing

We process personal data via digital channels for the following purposes:

Service Delivery

  • Provide and improve our products and services and digital experiences.
  • Communicate updates, promotions, and relevant service information.
  • Process transactions and deliver purchases.
  • Facilitating logistics, manufacturing, or hospitality operations.

Enhancing User Experience

  • Personalising content and recommendations.
  • Conducting analytics to improve website usability and service offerings.
  •  

Regulatory and Legal Compliance

  • Meeting obligations under applicable laws.
  • Responding to lawful requests from law enforcement or regulators.
  • Preventing fraud and mitigating security risks.

Marketing & Advertising

  • Sending personalized offers, recommendations, and newsletters.
  • Conducting surveys, market research, and analytics.
  • Facilitating targeted advertising using cookies and tracking technologies.

Data Sharing

Your data may be shared after with your explicit content with:

  • Within the Hayleys Group: For coordinated service delivery and management.
  • Third-Party Providers: Payment processors, cloud hosting services, and analytics providers.
  • Authorities: To comply with legal or regulatory obligations.
  • Business Partners: For joint ventures or service collaborations.

To ensure compliance with global privacy standards, all third-party data processors are vetted and bound by contracts to adhere to equivalent data protection measures. For global operations, data may be transferred across borders. We ensure compliance through mechanisms like SCCs, adequacy decisions, or Binding Corporate Rules (BCRs).  

Data Retention

Data is retained only as long as necessary to fulfill the purposes outlined or to meet legal requirements.

  • Website logs: Retained for 12 months for analytics.
  • Marketing Data: Retained until you opt out.

Detailed retention schedules are outlined in vertical-specific policies on their respective websites.

Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access and Rectification: Review and update your personal data.
  • Erasure: Request deletion of your data, subject to legal constraints.
  • Restriction: Limit the processing of your data in certain scenarios.
  • Portability: Obtain a copy of your data in a structured format.
  • Objection: Object to specific data uses, including marketing.
  • Withdrawal of Consent: For data processing based on your consent.

You may report any concerns or suspected violations related to this policy through the contact details below, which will be reviewed by our Data Protection Officer.

Data Security

We employ industry-standard measures to protect personal data collected via digital channels, including:

  • Encryption: For data in transit and at rest.
  • Access Controls: Ensuring data access is limited to authorised personnel.
  • Incident Response: Protocols to address and mitigate data breaches.

Cookies and Tracking Technologies

Our websites use cookies to:

  • Enhance functionality and performance.
  • Analyse traffic and optimise content delivery.
  • Deliver personalised advertising.

Details about cookie usage and preferences are outlined in our Cookie Policy.

Interest-Based Advertising:

We engage in interest-based advertising to deliver online advertising that may be more relevant to your interests. This means that we permit third party online advertising networks, social media companies, and other third-party services to collect information about your use of our websites and Platform over time so that they may play or display ads on our Platform, on other websites, apps, or services you may use, and on other devices you may use. Advertisers use advertising identifiers such as cookies, hashed email or phone number, or mobile advertising identifiers, to support their delivery of interest-based advertising. To learn more about these advertising IDs, you can visit https://www.aboutidentifiers.org/. To learn more about your choices regarding interest-based advertising, visit the “Your Privacy Choices” section below.

We learn from groups of consumers sharing similar interests. We may place you in a group of consumers who show the same interests (sometimes these are called “look alike audiences”). We may infer these things about you based on your activity on certain webpages, links you click on our Platform and other websites you visit, mobile applications you use, or our brand emails you view and links you click in the emails, and based on other information we have collected, such as from our partners and other third parties. We group together information to help us learn about general trends, habits or characteristics about a group of stake holders who act similarly online or offline and use this information to send this group information we believe will be relevant product offers or information.

We link information to an advertising identifier, which may be device specific (such as a cookie, mobile ad ID, or hashed email address or hashed phone number). This information may be supplemented with information such as products you buy offline or information you provide directly to us on our Platform. We generally do this in ways that will not directly personally identify you (they are “masked” by a number identifier instead of associated with information like your name), but if we personally identify you we will do so in accordance with applicable laws.

We may know you across your devices, such as computers, phones, tablets because we associate device-specific identifiers. We assume that the same person or household owns certain devices based on certain activities, such as connecting the devices to the same WiFi network.

We may share a common account identifier (such as an email address or user ID) or hashed data with our third-party advertising partners to help identify you across devices or serve you ads on social media sites you may use. We and our third-party partners use this information to make the advertisements you see online more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics, and market research.

Google Analytics and Advertising:

We use Google Analytics to better understand how our users interact with our Platform. Our ability to use and share information collected by Google Analytics about your visits to our sites is restricted by the Google Analytics Terms of Use (https://marketingplatform.google.com/about/analytics/terms/us/) and the Google Privacy Policy (https://policies.google.com/privacy). To understand how Google uses data when you use our partners’ sites or apps, visit https://policies.google.com/technologies/partner-sites. You may opt out of Google Analytics at any time by visiting https://tools.google.com/dlpage/gaoptout/.

We may also utilize certain forms of display advertising and other advanced features through Google Analytics, such as Remarketing with Google Analytics, Google Display Network Impression Reporting and Google Analytics Demographics and Interest Reporting. These features enable us to use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the Google Ads advertising cookie) or other third-party cookies together to inform, optimize, and display ads based on your past visits to the Service. You may control your advertising preferences or opt-out of certain Google advertising products by visiting the Google Ads Preferences Manager, currently available at https://google.com/ads/preferences or by visiting NAI’s online resources at https://optout.networkadvertising.org/?c=1.

Pixels:

Pixels are small objects embedded into a web page but are not visible. They are also known as “tags,” “web bugs,” or “pixel gifs.” We use pixels to deliver cookies to your computer, monitor our website activity, make logging into our sites easier, and for online marketing activities including personalized advertising on social media sites. We also include pixels in our email messages or newsletters to determine whether you open them and click on their links. This helps us understand whether you are an active user. It also helps us measure the effectiveness of our marketing efforts, and derive insights and analysis, that we will use to personalize the content of our communication and to guide our marketing decisions and strategy.

Our Do Not Track Policy:

Some browsers have “do not track” features that allow you to tell a website not to track you. These features are not all uniform. Where available, you may choose to enable an online tool that automatically communicates your universal opt-out preferences, such as the Global Privacy Control (“GPC”). You may need to use a specific browser or an extension that supports these tools and universal signals. When detected, we will process such a signal as a request to opt out of tracking PI and as a request to opt out of “sale” or “sharing” of your data as explained in the “Your Privacy Choices” section below. You can also opt-out of such tracking directly on our Platform by following the steps noted in the Interest-Based Advertising section above. If you have questions, please contact us via one of the methods listed in the “Contact Us” section at the end of this Notice.

Updates to This Policy

We may periodically update this Privacy Policy to reflect changes in our practices, technologies, or legal requirements. Updates will be published on this page, and significant changes will be communicated to users.

Contact Us

For questions, concerns, or to exercise your rights, contact:

400 Deans Road, Colombo 01000

[email protected]

A leading manufacturer and marketer of Coconut Shell Activated Carbon

Scan to connect
with us on WeChat