Privacy Policy

People’s Leasing & Finance PLC (PLC) offers so many online options and facilities to its customers. Online savings, withdrawals of funds and payment of rentals and loan installments are some of such online services PLC offers. Since everything from website logins to online customer service access require collecting of personal data, this Privacy Policy is meant to protect such data of the customers who register with PLC to obtain on line services from PLC.

2. Purpose

Purpose of introducing this policy is to understand what information PLC collects, why collect it, and how PLC can update, manage, export, and delete the given information.Purpose of collecting data is to register for online services and to trace customer’s authentication and to maintain the privacy principals to ensure confidentiality of all information the customers have provided.

3. Scope

The privacy of our customers is the ultimate importance aspect of People’s Leasing & Finance PLC .This policy states how PLC or its website collects, handles and processes data of its customers and visitors. It explicitly describes whether that information is kept confidential, or is shared with or sold to third parties.

4. Applicability

This policy applies to all who visit PLC website or use its online services.

5. Terms and conditions

i. PLC is processing the personal data of customers for the purpose of registration/logging/verification of identity and authentication when obtaining online services. It is considered as the Customer had given consent for collection of their data once they register for online services provided by PLC.

ii. Online service providing department of PLC is the owner of the data collection site and has access to the information. Call center officers of PLC also has limited access to view data to assist customers and to provide answers to their inquiries.

iii. Security measures are taken to protect personal data by encrypting and will be stored in a way that only Online Service providing department is empowered to view the same.

iv. Types of data PLC collect will be
a. Name
b. E-mail address
c. Date of birth
d. Mailing address
e. Personal address
f. Phone number/s
g. Secret personal information using for authentication purposes.
h. Login credentials
i. Reference data which customer use for fund transfers, utility payments
j. Other bank account reference numbers used for JustPay transactions

v. Customer’s information will be collected via online / manually fill applications when they provide details at the time of registration and making any changes to the provided data. 

vi. Categories of Sources will be online and manual

vii. Customer’s rights.
a. The customers can request to see the data at the time they are entering data. Once the request is accepted and process is completed no one is permitted to view the data.
b. However the customers can log in, request to rectify, erase or block their data after authentication. 

viii. Description of process for notifying customers and visitors of changes or updates to the privacy policy will be through email and short message systems.

6. Customers right to Information Security and Privacy

By selecting PLC to be his/her financial service provider, the customer entrusted PLC and its approach of securing their information and financial assets. PLC has thoroughly acknowledged the trust and the customers rights pertain to security of his/her/their financial and personal information. 

7. Collecting Personal Information

In order to provide financial services to the customers PLC is collecting personal information which is relevant and required to understand his/her/their exact financial requirements and to continue PLC’s business. In general PLC do not collect sensitive information (such as information related to health, political involvements, and religious beliefs) without obtaining the customer’s written consent.

8. Reasons to collect Personal Information

a. Within the purview of PLC’s business operations, PLC collect and use the customer’s updated personal information in order to improve its services including: 

i. To satisfy PLC’s legal requirements

ii. . To provide requested services to the customer and bill for the services and collect any outstanding payments.

iii. To process the customer’s application to provide financial services or facilities (to check the customer’s identity, obtain financial reports and to assess the customer’s credit worthiness) and to establish and manage his/her/their account or facility and carry out transactions.

iv. For training, quality control and verification purposes (including monitoring and recording the customer’s telephone & email communication with PLC from time to time) for research and development of new products and services.

v. To provide requested services to the customer and bill for the services and collect any outstanding payments.

vi.Process the customer’s application to provide financial services or facilities (to check the customer’s identity, obtain financial reports and to assess the customer’s credit worthiness) and to establish and manage his/her/their account or facility and carry out transactions. Training, quality control and verification purposes (including monitoring and recording the customer’s telephone & email communication with PLC from time to time) for research and development of new products and services

9. Methods of collecting Information

i. Mainly PLC collects personal information directly from the Customer  (through interviews, over the telephone or internet etc.) at several occasions such as when the customer requests a financial service or take part in our marketing campaigns, surveys, competitions, or responds to PLC’s advertisements or connecting any other possible ways. 

ii. PLC may also collect the Customer’s information using several other methods such as from Credit Information Bureau (CRIB), publicly available information and through referees etc.)

iii. Whenever a person visits PLC’s web site, the web server automatically recognizes the visitor’s domain name and email address if possible. A technology called ‘cookies’ may be used to collect information on the pages accessed by users, average time spent on specific pages, identify a user on his/her return etc.

10. Storing Customer’s Personal Information

PLC stores the customer’s personal information in both electronic and paper based methods (in secure electronic storage facilities and in physical paper files). All the necessary steps will be taken and assured that the customer’s information is being protected from misuse, loss and unauthorized access, manipulations or disclosures. PLC does not keep customers information longer than necessary and follow secure disposal methods widely accepted in the industry in order to destroy information when no longer required them. PLC ensures that it complies with all applicable statutory and regulatory requirements on retention of personally identifiable information.  

11. Non-Disclosure /confidentiality

i. Under any circumstances PLC will not share any confidential information with a third party without written consent of the customer.

ii. However PLC will not be held criminally or civilly liable under any law for the disclosure of any information, data is made in confidence to a government official either directly or indirectly upon receipt of notice to do so or to an Attorney at Law solely for the purpose of reporting by order of a competent court of Sri Lanka.

iii. May provide information to following parties for the mentioned purposes.

a. To comply with legal and regulatory obligations

b. To carryout investigations on an unlawful activities where the personal information is a necessary part of the investigation

c. If the customer is a holder of a corporate or government card membership, PLC may exchange personal information with the customer’s employer or government agency.

d. To PLC’s related companies and subsidiaries to provide  products and services the customer request and to inform about other company products and services

e. To credit reporting agencies (such as CRIB) in connection with PLC for providing credit or recovering amounts owe under any contract the customer have with PLC.

f. To any other party the customer authorizes to disclose information to.

12. PLC web site

The PLC corporate website includes the rage of financial service provided by PLC

13. Online Security

The policies and procedures applicable to online security is in place. Regular reviews on the security measures are conducting in order to improve the security.

The online security measures includes data encryption from end to end, two factor authentications, using high security firewalls, anti-virus tools and intrusion detection methods, using SSL certificates in data encryption etc.

PLC will record customer call and inquires to identify customer feedback and to enhance and provide a better customer service.

To Provide Information for internal purposes, online service providing department can view print and share data of customers within PLC, however the name/address/phone/personal identification card number cannot be generated through one report.