Privacy Policy

Privacy Policy – Comun Labs

Effective Date: 2026-04-17
Company: Comun Labs (Private) Limited
Location: Sri Lanka

1. Introduction

Comun Labs (“we”, “our”, “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, process, and safeguard your personal data when you interact with our services, website, or platforms.

We operate as a Sri Lanka-owned and operated business and comply with applicable data protection laws, including the Personal Data Protection Act No. 9 of 2022.

2. Information We Collect

We may collect and process the following types of personal data:

  • Personal Identification Information
    Name, email address, phone number, company name
  • Technical Data
    IP address, browser type, device information
  • Usage Data
    Interaction with our website, services, or communications
  • Business & Communication Data
    Emails, documents, and files shared via platforms such as Microsoft Office 365

3. How We Use Your Information

We use your data for the following purposes:

  • To provide and manage our services
  • To communicate with you regarding inquiries or projects
  • To improve our website, services, and user experience
  • To comply with legal and regulatory obligations
  • To maintain internal records and business operations

4. Legal Basis for Processing

We process personal data based on:

  • Your consent
  • Contractual necessity
  • Legal obligations
  • Legitimate business interests, provided your rights are not overridden

5. Data Storage & Security

Comun Labs uses secure cloud-based systems, including Microsoft Office 365, to store and process data.

We implement appropriate technical and organizational security measures, including:

  • Access controls and authentication
  • Data encryption where applicable
  • Secure cloud infrastructure
  • Regular monitoring and system updates

6. Data Sharing & Disclosure

We do not sell or rent your personal data.

We may share your data with:

  • Trusted service providers (e.g., cloud hosting, analytics tools)
  • Legal or regulatory authorities, if required by law
  • Internal teams and partners strictly for service delivery

7. International Data Transfers

As we utilize cloud services such as Microsoft Office 365, your data may be processed outside Sri Lanka.

Where this occurs, we ensure appropriate safeguards are in place in line with applicable data protection laws.

8. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfill the purposes outlined in this policy
  • Comply with legal obligations
  • Resolve disputes and enforce agreements

9. Your Rights

Under the Personal Data Protection Act No. 9 of 2022, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Withdraw consent at any time
  • Object to certain processing activities

10. Cookies & Tracking Technologies

Our website may use cookies and similar technologies to:

  • Improve user experience
  • Analyze website traffic
  • Personalize content

You may control cookies through your browser settings.

11. Third-Party Links

Our website may contain links to external sites. Comun Labs is not responsible for the privacy practices or content of those third-party websites.

12. Updates to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised effective date.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact:

Comun Labs
Email: info@comunlabs.com

Phone: +94 77 981 0717

Address: 40/28, Longden,Place, Colombo 07, Sri Lanka

14. Compliance & Governance

Comun Labs follows globally aligned data protection and governance principles to ensure responsible handling of personal data. This includes:

  • Maintaining transparency in how data is collected, used, and stored
  • Implementing accountability measures across all data processing activities
  • Ensuring data minimization and purpose limitation
  • Applying security-first practices across all systems and platforms
  • Aligning internal processes with internationally recognized data protection frameworks, including principles similar to those outlined in GDPR

We continuously review and improve our data protection practices to maintain compliance and uphold the highest standards of privacy and security.

Scroll to Top