Privacy Policy
Last Updated: 30 March 2025
FOERTE (Pvt) Ltd (“FOERTE”, “we”, “us”, or “our”) is committed to protecting the privacy and confidentiality of personal data entrusted to us. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you interact with our website, services, training programs, assessments, or communications (collectively, the “Services”).
This Privacy Policy applies to:
- Website visitors
- Prospective and current clients
- Training participants
- Business partners
- Any individual whose personal data we process in the course of our business
By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.
1. Who We Are
FOERTE (Pvt) Ltd is a cybersecurity, compliance, and digital trust services provider operating from Sri Lanka and serving clients locally and internationally.
We act as:
-
Data Controller for website, marketing, and business communications data
-
Data Processor (or Sub-Processor) for client data handled under contractual agreements
2. Information We Collect
2.1 Information You Provide Directly
We may collect personal information that you voluntarily provide, including:
-
Full name
-
Business email address
-
Phone number
-
Job title and organization
-
Billing and invoicing details
-
Training registration details
-
Communication records (emails, meeting notes, support tickets)
For clients, this may also include:
-
Authorized contact details
-
Project-related communications
-
Access details explicitly shared for service delivery (handled under strict controls)
You may choose not to provide certain information, but this may limit our ability to deliver Services.
2.2 Information Collected Automatically
When you visit our website, we may automatically collect limited technical information, including:
-
IP address
-
Browser type and version
-
Device information
-
Pages visited and time spent
-
Referral source
This data is used only for security, analytics, and website performance improvement.
2.3 Client Data Processed on Behalf of Customers
In the course of providing cybersecurity, compliance, testing, or advisory services, FOERTE may process client-controlled data, including:
-
System information and configurations
-
Logs and assessment evidence
-
Security findings and reports
-
Limited personal data contained within client systems
FOERTE does not own this data.
Such data is processed strictly under contractual obligations, confidentiality agreements, and client instructions.
3. How We Use Personal Information
We use personal information for the following legitimate purposes:
-
Delivering contracted services
-
Responding to inquiries and requests
-
Client onboarding and relationship management
-
Training administration and certification
-
Billing and accounting
-
Security monitoring and fraud prevention
-
Legal and regulatory compliance
We do not use client data for advertising or unrelated purposes.
4. Legal Basis for Processing
Where applicable, we process personal data based on one or more of the following legal grounds:
-
Performance of a contract
-
Legitimate business interests
-
Legal obligations
-
Consent (where explicitly obtained)
5. Cookies and Tracking Technologies
FOERTE uses limited cookies and similar technologies for:
-
Website functionality
-
Analytics and performance measurement
-
Security monitoring
You may control cookies through your browser settings. Disabling cookies may affect website functionality.
We do not use invasive tracking or behavioural advertising cookies.
6. Disclosure of Personal Information
We may disclose personal information only in the following circumstances:
-
To trusted service providers (e.g., cloud hosting, email, analytics) under confidentiality obligations
-
To legal or regulatory authorities where required by law
-
To professional advisors (legal, accounting) under confidentiality
-
With explicit consent from the data subject
We do not sell personal data.
We do not trade personal data.
Client data is never disclosed without authorization or legal obligation.
7. Data Security
FOERTE implements appropriate administrative, technical, and organizational safeguards to protect personal information, including:
-
Access control and least-privilege principles
-
Encryption where appropriate
-
Secure storage and transmission
-
Staff confidentiality obligations
-
Security awareness and training
No system can guarantee absolute security, but we apply industry-aligned practices proportionate to risk.
8. Data Retention
Personal information is retained only for as long as necessary to:
-
Fulfil contractual obligations
-
Meet legal or regulatory requirements
-
Resolve disputes
-
Enforce agreements
Client data retention and destruction are governed by contractual terms.
9. International Data Transfers
Where personal data is transferred across borders, FOERTE ensures appropriate safeguards are in place, including contractual protections and secure handling practices.
10. Your Rights
Depending on applicable laws, you may have the right to:
-
Access your personal data
-
Request correction of inaccurate data
-
Request deletion of data
-
Object to or restrict processing
-
Withdraw consent (where applicable)
-
Receive a copy of your data
Requests may be submitted using the contact details below. We may verify identity before responding.
11. Children’s Privacy
FOERTE Services are not intended for individuals under the age of 16.
We do not knowingly collect personal data from children.
If you believe a child’s data has been provided to us, please contact us immediately.
12. Third-Party Links
Our website may contain links to third-party sites. FOERTE is not responsible for the privacy practices or content of those sites. Review their policies before providing information.
13. Changes to This Privacy Policy
We may update this Privacy Policy to reflect legal, regulatory, or operational changes. Updates will be posted on our website with a revised “Last Updated” date.
14. Contact Us
For questions, concerns, or privacy requests, contact:
FOERTE (Pvt) Ltd
📧 Email: [email protected]
