Privacy Policy

This policy explains what personal data TIMO CORP (PVT) LTD ("TIMO") collects, why, and your choices. We aim to collect only what we need to provide our service.

What we collect

• Account data: email and password (passwords are managed securely by our auth provider).
• Registrant details: name, email, phone and address — required by registries to register a domain.
• Order data: domains purchased, amounts, and status.
• Technical data: basic logs needed to run and secure the service.

How we use it

• To register and manage your domains.
• To process payments and send order confirmations.
• To provide support and keep your account secure.

Who we share it with

• Domain registries / registrars — registrant details are submitted to register a domain. WHOIS privacy keeps these redacted from public records where supported.
• Stripe — our payment processor. Card details go directly to Stripe; we never store your card number.
• Supabase — our database and authentication provider.

Data retention

We keep order and registration records for as long as needed to provide the service and to meet legal and registry obligations.

Your rights

You can access, correct, or request deletion of your personal data by emailing support@timo.lk. Some data must be retained while you hold an active domain registration.

Cookies

We use essential cookies/local storage to keep you signed in and to remember your cart. We do not sell your data.

Note: This is a general template. Please have it reviewed by a qualified professional before relying on it for your business.