Legal

Privacy Policy

Last updated: April 15, 2026

Who we are

Lanka Pass is operated by SCS Data Group LLC("we," "us," "our"). We provide a ticketing and event discovery platform for Sri Lankan cultural events worldwide.

What information we collect

When you purchase a ticket, RSVP to an event, or create an account, we collect:

  • Your name
  • Your email address
  • Your phone number (optional)
  • Payment information (processed securely by Stripe — we never store card numbers)
  • Event attendance and purchase history

How we use your information

We use your contact information to:

  • Send you your tickets and event confirmations
  • Provide customer support
  • Inform you about future Lanka Pass events you may be interested in
  • Send marketing communications about events, promotions, and community updates
  • Improve our platform and services

Your consent

By purchasing a ticket, submitting an RSVP, or creating an account on Lanka Pass, you agree that SCS Data Group LLC may contact you about future events and marketing communications. We will always include an unsubscribe link in every marketing email.

You can opt out of marketing communications at any time by clicking the unsubscribe link in any email, or by emailing privacy@scsdatagroup.com. Opting out of marketing will not affect essential transactional emails such as ticket deliveries and event reminders.

Who we share your information with

We share limited information with:

  • Event organizers — your name, email, and ticket details for events you attend (so they can verify entry and communicate with you about their specific event)
  • Stripe— payment processing (see Stripe's privacy policy)
  • Supabase — database and authentication (US-based data hosting)
  • Resend — transactional and marketing email delivery

We do not sell your data to third parties. Ever.

Your rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your account and data
  • Opt out of marketing communications
  • Request a copy of your data in a portable format

To exercise any of these rights, email privacy@scsdatagroup.com.

Data retention

We retain your account and transaction data for as long as your account is active, plus any period required by applicable laws (typically 7 years for financial records). You can request deletion at any time.

Security

We use industry-standard security measures including encrypted connections (HTTPS), secure password hashing, and access controls. Payment card data is never stored on our servers — it's handled entirely by Stripe, a PCI-DSS Level 1 certified payment processor.

Contact us

SCS Data Group LLC
Email: privacy@scsdatagroup.com

This privacy policy may be updated from time to time. We will notify registered users of any material changes by email.