Privacy policy

Last Updated: 23 June 2026

1. Business Overview

Private Bloom (“we”, “us”, “our”) operates an online retail store based in Sri Lanka, offering curated lifestyle and fashion products through our website.

Our website is powered by Shopify Inc. and uses secure third-party payment gateways such as PayHere for payment processing.

We are committed to protecting your personal information and ensuring secure and transparent data handling practices.

2. Information We Collect

We collect only necessary personal information to process orders and provide services.

2.1 Personal Information

Full name
Billing and shipping address
Email address
Phone number

2.2 Order Information

Product details purchased
Order history
Transaction reference ID
Payment status (successful / pending / failed)

2.3 Technical Information

IP address
Device type and browser information
Cookies and website usage data

⚠️ Payment Information Notice

We do NOT store or have access to full credit/debit card details.
All payments are securely processed by PayHere or other PCI-DSS compliant payment gateways.

3. How We Use Your Information

We use your personal information for the following purposes:

Processing and fulfilling orders
Managing payments and refunds
Arranging shipping and delivery
Providing customer support
Improving our services and website experience
Fraud detection and prevention
Legal and tax compliance

4. Payment Processing

All online payments are processed securely through third-party payment gateways such as PayHere.

When you make a payment:

Your card details are encrypted and processed directly by PayHere
We only receive payment confirmation and transaction reference details
We do not store or handle sensitive payment card data

PayHere Privacy Policy: https://www.payhere.lk/privacy

5. Data Sharing

We may share limited customer data only with:

Payment gateways (e.g., PayHere)
Delivery and courier service providers
Shopify platform services
Legal or government authorities when required by law

We do not sell, rent, or trade personal data to any third parties.

6. Data Security

We implement appropriate security measures including:

SSL encryption on our website
Secure Shopify infrastructure
PCI-DSS compliant payment processing via PayHere

However, no online system is completely secure, and we cannot guarantee absolute security.

7. Cookies

We use cookies to:

Enable secure checkout
Improve website performance
Analyze visitor behavior
Personalize user experience

You may disable cookies in your browser settings, but some website features may not function properly.

8. Data Retention

We retain personal information only as long as necessary for:

Order fulfillment
Legal and tax obligations
Customer service and dispute resolution
Business record keeping

After this period, data is securely deleted or anonymized.

9. Your Rights

You may have the right to:

Access your personal data
Request correction of inaccurate information
Request deletion of your data (subject to legal obligations)
Withdraw consent for marketing communications
Request a copy of your personal data

Requests can be made via our contact details below.

10. Children's Privacy

Our services are not intended for individuals under the legal age in Sri Lanka.
We do not knowingly collect personal data from minors.
If such data is identified, it will be deleted immediately.

11. International Data Transfers

Your personal data may be processed or stored outside Sri Lanka through Shopify or payment service providers.
We ensure appropriate safeguards are in place to protect your data.

12. Third-Party Services

Our website may contain integrations or links to third-party services.
We are not responsible for their privacy practices, and users are encouraged to review their policies separately.

13. Contact Information

If you have any questions or requests regarding this Privacy Policy, please contact us:

Private Bloom
Email: privatebloomlk@gmail.com
WhatsApp: +94 788 426 385