Last updated: 21 September 2025
KASP Learning (“KASP”, “we”, “our”, “us”) explains here how we collect, use, share, and protect your information when you visit kasp.edu.lk, contact us, or use our student-facing services. This notice is written for students, parents/guardians, advisors, applicants, and website visitors in Sri Lanka and abroad.
This is an information notice, not legal advice. If anything here conflicts with applicable law, the law prevails.
1) Who we are & how to contact us
- Controller: KASP Learning, Sri Lanka
- Email: privacy@kasp.edu.lk
- Admissions / WhatsApp: +94 77 066 8657
- If you have questions or requests about your data, email us with the subject “Privacy Request” and include contact details so we can verify your identity.
2) What information we collect
a) Information you provide directly
- Register/Apply forms (examples): name, phone, email, highest qualification, city, program(s) of interest, intake/session, messages.
- Admissions & student records: national ID/passport, address, date of birth, prior education and grades, references, supporting documents, fee/payment details (via our payment partners), and communications with our staff.
- Support & complaints: messages you send via email, phone, WhatsApp or web chat, plus attachments you choose to share.
b) Information we collect automatically (when you use the site)
- Device and usage data (IP address, browser type, pages viewed, referral source, timestamps).
- Cookies and similar technologies for analytics, site performance, security, and advertising/remarketing (see Section 7).
c) Information from third parties
- Lead forms and messaging platforms (e.g., Meta/Facebook/Instagram lead forms, WhatsApp “click-to-chat”), ad networks, education partners or referrers—only where you have interacted with them or given permission.
3) Why we use your information (purposes)
- Admissions & student services: to process enquiries and applications, determine eligibility, schedule guidance calls, issue letters, and manage enrolment.
- Communication: to respond to your messages; send reminders about deadlines, events and required documents; share program and campus information.
- Marketing (consent/opt-out): to provide updates on programs, scholarships, intakes, and events through email, SMS, calls, and WhatsApp. You can opt out anytime (see Section 9).
- Operations & improvement: website analytics, troubleshooting, A/B testing, and service quality checks.
- Security & fraud prevention: to protect accounts, systems and users.
- Legal & compliance: to meet regulatory requirements, resolve disputes, and enforce agreements.
4) Our legal bases
Depending on the situation, we rely on:
- Consent (e.g., newsletter/marketing sign-ups, certain cookies).
- Contract (to process applications or provide student services you requested).
- Legitimate interests (to operate and secure our services, respond to enquiries, and improve user experience—balanced against your rights).
- Legal obligation (to comply with applicable laws and requests from authorities).
- Vital interests (rare, e.g., safety matters).
5) Who we share information with
We do not sell your personal data. We share it only with:
- Service providers / processors under contracts (hosting, email/SMS gateways, WhatsApp Business, analytics, CRM/lead-management, form tools, cloud storage, payment gateways).
- Academic/operational partners involved in delivering the program you apply for (only what they need, for stated purposes).
- Authorities or law enforcement when legally required.
- Successors in the event of a reorganisation or transfer, under confidentiality safeguards.
These parties must protect your data and use it only as instructed by KASP.
6) International transfers
Your data may be stored or processed outside Sri Lanka (for example, on secure cloud servers). When we transfer data internationally, we use appropriate safeguards (contractual and technical) to protect it.
7) Cookies & similar technologies
- Types we use: strictly necessary (security, load balancing), functional (preferences), analytics (traffic and usage patterns), and advertising/remarketing (to reach people who showed interest in our programs).
- Your choices: you can change browser settings to block or delete cookies. Some features may not work without essential cookies. Where a cookie banner is provided, use “Manage Cookies” to set preferences.
8) WhatsApp, social media & external links
When you click a WhatsApp or social media link, your data is handled by that platform under its own privacy policy. Please review those policies before sharing sensitive information. We are not responsible for third-party websites we link to.
9) Your rights
Subject to local laws and certain exceptions, you can:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete data (where we have no overriding reason to keep it).
- Object to or restrict certain processing (including direct marketing).
- Withdraw consent at any time (this won’t affect prior lawful use).
- Data portability (receive your data in a usable format, where applicable).
To exercise your rights, email privacy@kasp.edu.lk. We may need to verify your identity to protect your account.
10) Data retention
We keep data only as long as needed for the purposes described or as required by law:
- Marketing leads: typically up to 24 months from your last interaction (unless you opt out sooner).
- Application/student & finance records: typically up to 7 years after the end of the relevant period, or longer if required by regulation, audit, or dispute resolution.
When data is no longer needed, we securely delete or anonymise it.
11) Children’s information
Our programs primarily target students aged 16+. If you are under 16, please involve a parent/guardian when contacting us or submitting forms. Where required by law, we will seek guardian consent.
12) Security
We use administrative, technical, and physical safeguards (access controls, encryption in transit where appropriate, monitoring, backups, and staff training). No system is perfectly secure; please use unique, strong passwords and be careful with links or attachments.