Privacy Policy

Effective Date: 29 March 2026

This Privacy Policy describes how Beyond The Teardrop ("we", "us", or "our"), operating through the website beyondtheteardrop.com, collects, uses, and protects your personal information when you visit our website or place an order. We are committed to safeguarding your privacy and handling your data with transparency.

1. Information We Collect

When you place an order through our website, we collect the following personal information:

• Full name
• Postal address
• Mobile phone number
• Email address

We also collect order-related information such as the quantity of books ordered, your chosen delivery method, and transaction reference details.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Processing and fulfilling your order
• Coordinating delivery or pickup of your purchase
• Sending order confirmations and shipping updates via email
• Communicating with you regarding your order if needed
• Complying with legal and regulatory obligations

3. Payment Processing

All payments are processed securely through OnePay, a payment gateway operated by Spemai (PVT) Ltd, an ISO 27001 certified company registered in Sri Lanka and governed by the Central Bank of Sri Lanka. We do not collect, store, or have access to your credit card, debit card, or bank account details. All payment data is handled directly by OnePay's secure infrastructure.

For information on how OnePay handles your payment data, please refer to their Privacy Policy.

4. Data Sharing

We do not sell, rent, or trade your personal information. Your data may be shared with the following third parties solely for the purposes described:

• OnePay (Spemai (PVT) Ltd) — to process your payment securely
• Delivery partners — your name, address, and phone number to facilitate delivery of your order
• Google (reCAPTCHA) — to verify that orders are placed by genuine users and to protect against spam. Google's use of data is governed by their Privacy Policy

5. Data Security

We take the security of your personal information seriously. Our website uses SSL encryption to protect data transmitted between your browser and our servers. Payment processing is handled by OnePay's ISO 27001 certified infrastructure, ensuring industry-standard security for all financial transactions.

6. Data Retention

We retain order records and associated personal information for a period necessary to fulfill our legal and business obligations, including compliance with Sri Lankan tax and financial regulations. Once this retention period has expired, your personal data will be securely deleted or anonymised.

7. Your Rights

You have the right to:

• Request access to the personal information we hold about you
• Request correction of any inaccurate information
• Request deletion of your personal data, subject to our legal retention requirements
• Opt out of receiving non-essential communications from us

To exercise any of these rights, please contact us at the email address provided below.

8. Cookies

Our website uses Google reCAPTCHA, which may set cookies on your device to function correctly. We do not use any additional tracking or analytics cookies. For more information about how Google uses cookies, please visit their Cookie Policy.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. Any updates will be posted on this page with a revised effective date. We encourage you to review this policy periodically.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at:

Email: [email protected]
Website: beyondtheteardrop.com
Location: Sri Lanka