Privacy Policy

We take your privacy very seriously at Colombo Meditation, and we are committed to keep your personal data safe. Please see below for our integrity policy. Should you still have any questions with regard to how we process your personal data, please don’t hesitate to contact us directly.

Colombo Meditation
11/3 Medawelikada road, Rajagiriya, Sri Lanka
Tel: 076 700 2893


  1. What personal data we collect and the purpose of collecting it
  • Through the booking function on our website, you are asked to provide personal data in form of your name and telephone number. We also ask for this information if you make a reservation through telephone or meeting us in person while promoting our meditation. The legal basis for processing this data is that we have a legitimate interest to process this information in order to give you the introductory seminar that you have signed up for. We use the data to provide you with confirmation of your reservation, address to the meditation center, etc.
  • Should you sign up for membership at Colombo Meditation we will collect your first and last name, address, date of birth, telephone number and e-mail address. We will also record information about the hours you spend meditating as well as certain steps you make in the meditation. The legal basis for processing this data is that we need this information in order to fulfil our commitment to provide you with meditation guidance. (Information related to previous students will be processed on basis of legitimate interest, see further section 2.2. below.) We will use the information for our membership directory, for keeping track of your meditation progress, and for the purpose of contacting you regarding reservation for meditation classes and to inform you about meditation and other membership activities at the meditation center.
  • On occasion, we receive queries about our meditation via e-mail from the general public. These messages normally include some personal data, such as e-mail address and name. The legal basis for processing this data is either consent or legitimate interest, depending on the content of the e-mail message. We will use the personal information for the purpose of responding to the e-mail queries. Our intention is to keep any e-mail correspondence to a minimum.
  • We will not use your personal data for any other purposes than the above stated, i.e. we will not sell or share your data or use it for marketing purposes, publish it, or transfer it to any unauthorized third party.


  1. Storage and deletion of personal data
  • The personal data collected in accordance with section 1.1 above is stored until you have visited the center for the introductory seminar, or cancelled your seminar reservation or where the circumstances show that you do not wish to attend the seminar. The information will thereafter be deleted.
  • The personal data collected in accordance with section 1.2 is stored until the membership has expired or has been terminated by the member. However, name and telephone number of the member may be kept for a maximum period of one year after the expiry of the membership in order to occasionally inform previous members about current meditation center activities.
  • The personal data collected in accordance with section 1.3 above will be deleted after the e-mail correspondence has ended.
  • Some personal data, such as names on receipts of payment, may classify as book-keeping material under Sri Lankan law, and will therefore be stored and deleted in accordance with such regulations.


  1. Security
  • We use technical and organizational security measures to protect your personal data against loss or any unauthorized access. We regularly revise our security policies and routines in order to ensure that our systems are secure and up-to-date.


  1. Transfer of personal data to a country outside of Sri Lanka
  • The personal data collected through our website is stored on servers belonging to the company WPEngine, Inc. based in the United States. WPEngine, Inc. has certified its compliance the Privacy Shield Framework (please visit for further information), and also meet adequate Sri Lankan safety standards. Furthermore, we have entered into a data processor agreement with WPEngine, Inc. in order to retain control of and safeguard your information.
  • In case we would transfer your personal data a country outside Sri Lanka in any other instance than set forth in section 4.1 above, we will make sure that such transfer is made safely and in accordance with Sri Lankan law.


  1. Your rights
  • Right to information: You have the right to know which personal data we process and you can request a copy of that personal data.
  • Right to rectify any inaccurate personal data: In case any of the personal data relating to you is inaccurate, you have the right to ask us to rectify it.
  • Right to erasure: You have the right to have your personal data erased from our systems in certain cases. You can require us to erase your personal data if the data that is not necessary for our purposes of collecting it or if there is no legal basis for processing it.
  • Right to restriction: Restriction means that you, under certain circumstances, have the right to stop us from using your data and instead only store it on our systems. In case you would contest the accuracy of the data or our right to process it, restriction applies during the time we need to respond to your claim. Furthermore, you have the right to restriction in case we process your information unlawfully or if the processing is no longer necessary.
  • Right to object: With regard to some personal data, we process it on basis of the so-called “legitimate interest” (see sections 1.1 – 1.3 above). In the event you find that the we lack such legitimate interest, you have the right to object against it. Furthermore, if we would use personal data for direct marketing purposes, you have the right to object to such use.
  • Right to lodge complaint: If you are dissatisfied with the way we process your data, you have the right to lodge a complaint with Data Protection Authority, which is the supervisory authority for the processing of personal data in Sri Lanka.