Fitma

Privacy Policy

Last updated: July 22, 2025

Fitma (“we,” “us,” or “our”) values your privacy. This Privacy Policy explains what personal and non‑personal information we collect. It describes why we collect it. The policy outlines how we use and share it. It also details how we safeguard and keep it. Additionally, your rights about that data are covered. It applies to all visitors of our website and clients using our services.

Information We Collect

When you interact with Fitma—whether as a website visitor, inquiry submitter, or service client—we collect the next categories of information:

Information you give directly. This includes your name, email, postal address, or billing address. It also includes your telephone number, payment or billing data, project details, and deliverables or task documents. Additionally, it covers communications about projects and any feedback or questionnaire responses you send.

Automatically collected data. When you visit our website or platform, we collect technical information. This includes your IP address, browser type and version, and operating system. Additionally, it covers device type, referral source, pages viewed, click‑through paths, and time spent on site. We use cookies, analytics tools, and similar tracking technologies to improve website performance and functionality. These practices align with privacy policies used by leading virtual assistant providers. Examples include Smart VAs and 24/7 Virtual Assistants.

Marketing or preference data. If you provide consent, we collect your preferences regarding receiving newsletters, service proposals, promotions, or educational content.

Why We Collect and Use Your Information

Fitma uses collected data for several purposes:

  • To deliver and manage virtual assistant services, including scheduling, task tracking, billing, and client communications.
  • To personalize proposals, adjust services to your needs, and tailor messaging.
  • With your consent, to send marketing materials—like promotional offers, newsletters, or relevant content.
  • To optimize website usability, track performance, and analyze user behavior via non‑personal analytics.
  • To comply with any internal policies or contractual obligations, including basic internal record‑keeping.
  • To support customer service: responding to inquiries, managing issues, and requesting clarification.

We do not use your personal data for purposes beyond what is described here without obtaining further consent.

Sharing and Disclosure of Information

Fitma does not sell, lease, or rent your personal information to third parties. We only share your information under the following circumstances:

  • Trusted service providers. We share data with third parties necessary to deliver functionality. This includes payment processors, website hosting providers, communication platforms, or third‑party tools we engage on your behalf. This sharing is for service delivery only. These providers are contractually bound to maintain confidentiality and use data only for the services they render.
  • Legal obligations. We avoid government references. However, we disclose necessary information if compelled by court order. We also disclose information where required to protect Fitma’s legal rights or to defend against claims.
  • Corporate changes. Personal data is transferred if there is a corporate merger, acquisition, or sale of assets. These transfers are subject to equivalent privacy protections.
  • Aggregate or anonymized data. We share aggregated data for business analytics. This data does not personally identify you. We also use de‑identified data for internal reporting. This data does not personally identify you.

Data Security Measures

Fitma applies industry‑standard technical and organizational safeguards to protect your data from unauthorized access, disclosure, or loss. We implement:

  • Encryption. Where possible, data is encrypted both in transit (SSL/TLS) and at rest.
  • Access controls. Role‑based permissions limit access to data internally. Only individuals with legitimate service‑related needs (e.g., assigned VAs, billing staff) can access client data.
  • Secure storage. Personal data and project documents reside on secure servers or secure cloud storage providers.
  • NDAs and policies. All Fitma staff and VAs sign confidentiality agreements and adhere to internal data security protocols.
  • Periodic review. We regularly evaluate our security controls and train our team on best practices.

While these measures reflect industry norms, no method of transmission or storage can guarantee absolute security. You also bear responsibility for using secure practices—like two‑factor authentication and secure sharing channels.

Data Retention

Fitma retains your personal data only as long as necessary to fulfill service delivery. We use it to respond to inquiries and complete billing. We also abide by internal record‑keeping policies. Once data is no longer needed, we securely delete, anonymize, or archive it in a way that avoids personal identification.

We retain copies of project files or deliverables for a reasonable period post‑delivery. This is to support possible revision requests. Still, you can request earlier deletion. Personal contact or billing data remain archived to support future billing history or client relationship continuity.

Your Privacy Rights

You can exercise the following rights where applicable under local or extraterritorial data protection frameworks:

  • Access. Request a copy of your personal data that we hold.
  • Correction. Ask us to correct inaccurate or incomplete data.
  • Deletion. Request deletion of your personal data. Retention is necessary only to complete a transaction, comply with a contractual obligation, or fulfill legal record‑keeping.
  • Restriction or objection. Object to or request limitation of our processing—for example, stopping marketing communications or processing for profiling.
  • Portability. Request that we transfer machine‑readable data to another service provider.
  • Withdraw consent. You withdraw your marketing consent at any time—processing prior to withdrawal remains valid.
  • Complaint. You raise concerns with a relevant supervisory authority (e.g. PDPA Sri Lanka, GDPR supervisory body) if you believe your rights are violated.

To exercise any rights, email info.fitma@gmail.com with the subject “Data Privacy Inquiry”. We aim to respond within a prompt time frame consistent with applicable laws.

Cookies and Tracking Technologies

Our website uses a combination of cookie types:

  • Essential cookies. Required for basic functionality—login sessions, site preferences, secure access.
  • Performance and analytics cookies. Used to collect anonymized data on site usage and performance via tools like Google Analytics. We use this to improve user experience.

You choose to disable non‑essential cookies via browser settings; however, doing so affect site functionality or personalization options.

Children’s Privacy

Fitma’s services are intended for users aged 13 or older. We do not knowingly collect personal data from minors under 13. If you believe we have inadvertently collected data from a child under 13, please contact us at info.fitma@gmail.com and we will delete that data.

International Data Transfers

Personal data is transferred to jurisdictions outside your own. It is also stored in such locations, like hosting or third-party service provider places. These jurisdictions have different data protection standards.

Fitma implements binding contractual mechanisms. These include appropriate data protection clauses. This ensures adequate safeguards are in place during international transfers. We will not transfer your data unless sufficient protections are confirmed.

Policy Updates

We reserve the right to update this Privacy Policy to reflect changes in our operations, technology, or legal obligations. If substantive changes impact how we treat your information, we will notify clients via email. We will also post an updated version with a new effective date.

Your continued use of our services or website following publication of updated Policy signifies your acceptance of those changes.

Contact Information

For questions about this Privacy Policy, to make data access or deletion requests, or to lodge concerns, please contact us:

Email: info.fitma@gmail.com
Subject line: “Data Privacy Inquiry”

We aim to respond within 1–3 business days. We also provide clear methods for exercising rights or correcting your data.