Genuine OEM Island-Wide Delivery Warranty Guaranteed WhatsApp Support
Type to search forum threads and blog articles

Privacy Policy

Last updated: March 28, 2026

EUROPARTS LANKA ("we," "us," or "our") operates the website europartslanka.lk (the "Site"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our Site, place orders, use our AI Part Finder, or interact with our forum and services.

By using our Site, you consent to the practices described in this policy.

1. Information We Collect

1.1 Information You Provide

  • Account Registration: Name, email address, phone number, and password when you create an account.
  • Orders & Bookings: Name, phone, email, delivery location, vehicle details (brand, model, year, VIN, engine code), and part descriptions when you submit orders or service bookings.
  • My Garage: Vehicle information you voluntarily add to your garage including VIN numbers and engine codes.
  • Forum Posts: Content you post in our community forum, including text and any information you choose to share.
  • AI Part Finder: Messages you send to our AI assistant, including vehicle descriptions and part queries.
  • Contact Form: Name, email, and message content when you contact us.

1.2 Information Collected Automatically

  • Page Views: We track pages visited using a privacy-safe hashed IP approach (we store a SHA-256 hash, not your actual IP address).
  • Device Information: Device type (mobile/tablet/desktop), browser type, for analytics purposes.
  • Cookies: We use essential cookies for authentication and optional analytics cookies. See our Cookie Policy for details.
  • Google Analytics 4: Anonymized usage data for understanding site performance.
  • Microsoft Clarity: Heatmaps and session recordings to improve user experience (personal data is masked).

2. How We Use Your Information

  • Process and fulfil your spare parts orders and service bookings
  • Communicate with you about orders via email and WhatsApp
  • Provide AI Part Finder responses tailored to your vehicle
  • Send order confirmations, status updates, and service reminders
  • Operate and moderate the community forum
  • Improve our website, services, and user experience
  • Notify you when requested parts become available (Part Alerts)
  • Send password reset links and account verification emails
  • Analyse usage patterns to stock popular parts (anonymized data only)

3. How We Protect Your Data

  • Passwords: Stored using bcrypt hashing with a cost factor of 12. We never store plain-text passwords.
  • Authentication: JWT tokens transmitted via HTTP-only, Secure cookies with SameSite protection.
  • Transport: All data transmitted over HTTPS (TLS/SSL encryption).
  • Database: MySQL with parameterized queries (PDO prepared statements) preventing SQL injection.
  • IP Addresses: Stored as SHA-256 hashes in analytics tables — your actual IP is never stored.
  • Access Control: Sensitive configuration files (.env, database credentials) are blocked from web access via server configuration.

4. Data Sharing

We do not sell, rent, or trade your personal information. We share data only with:

  • Anthropic (Claude AI): Your AI Part Finder queries are sent to Anthropic's API for processing. See Anthropic's Privacy Policy.
  • Google Analytics: Anonymized usage data. See Google's Privacy Policy.
  • Microsoft Clarity: Masked session recordings. See Microsoft's Privacy Statement.
  • Hostinger: Our hosting provider processes data on our behalf under their data processing agreement.
  • Law Enforcement: If required by Sri Lankan law or valid legal process.

5. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Update or correct inaccurate information via your profile dashboard.
  • Deletion: Request deletion of your account and associated data by contacting us.
  • Objection: Opt out of non-essential data processing by disabling analytics cookies.
  • Data Portability: Request your data in a machine-readable format.

6. Data Retention

  • Account Data: Retained while your account is active. Deleted upon account deletion request.
  • Order Records: Retained for 7 years for tax and legal compliance under Sri Lankan law.
  • Forum Posts: Retained unless you request deletion. Deleted posts are soft-deleted (marked as removed).
  • Analytics Data: Page view logs are retained for 12 months, then automatically purged.
  • AI Query Logs: Retained for 6 months for service improvement, then deleted.

7. Children's Privacy

Our Site is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us to request deletion.

8. Third-Party Links

Our Site may contain links to third-party websites (WhatsApp, Google Maps, parts suppliers). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Site after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related questions, data access requests, or concerns: