Privacy Policy

Effective Date: 10/1/2025

Last Updated: 10/1/2025

At Rootcode, protecting your privacy and personal data is our highest priority. We are fully committed to respecting your rights and handling your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable laws.

In this Policy:

1. "we," "us," "our" refer to Rootcode.
   
   
2. "you," "your" refer to individuals whose data we process.
   
   

Please carefully review this Privacy Policy before using our website or providing your data. By accessing our services, you agree to this Policy.

The data controller for the processing of your personal data is:

Rootcode

Email: dpo@rootcode.io

Phone: +94 74 243 1733

Address: No. 42, Level 15, Nawam Mawatha, Colombo 00200, Sri Lanka

If you have questions about this Policy or how we process your data, please contact us.

We collect the following personal data:

1. Contact Information: Full names, email addresses, and telephone numbers.
   
   
2. Business Information: Company names, job titles, and website URLs.
   
   
3. Recruitment Data: CVs, LinkedIn profiles, NIC numbers, and educational qualifications.
   
   
4. Event Participation: Names, university details, and contact information for event management (e.g., Tech Triathlon, AI Meetups).
   
   
5. Voluntary Data: Any other information you provide through forms or communications.
   
   

We collect personal data only when you voluntarily provide it through our website or related channels.

We process your personal data based on the following lawful grounds under GDPR:

1. Contractual Obligation: To deliver our services, respond to inquiries, or fulfill event participation.
   
   
2. Legitimate Interests: For business operations, recruitment, and improving services.
   
   
3. Legal Obligation: To comply with applicable legal and regulatory requirements.
   
   
4. Consent: For optional marketing communications or other voluntary data you provide.
   
   

We use your personal data for the following purposes:

1. Service Delivery: To provide, manage, and improve our services.
   
   
2. Communication: To respond to inquiries, share updates, and interact effectively.
   
   
3. Recruitment: To evaluate job applications and facilitate recruitment processes.
   
   
4. Event Management: To organize, manage, and follow up on events or collaborations.
   
   
5. Marketing (With Consent): To send newsletters, updates, or promotional material.
   
   

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Policy, or as required by law:

1. General inquiries: 12 months.
   
   
2. Recruitment data: 24 months.
   
   
3. Event participation data: 12 months post-event.
   
   
4. Legal obligations: Retained in compliance with applicable laws.
   
   

Once the retention period ends, your data will be securely deleted or anonymized.

We may share your personal data under the following conditions:

1. Service Providers: Agents, subcontractors acting on our behalf.
   
   
2. Legal Compliance: With regulatory authorities when required by law.
   
   
3. Affiliated Websites: Rootcode brand sites under strict data protection agreements:
   
   
   • https://rootcode.ai/
   • https://foundation.rootcode.io/
   • https://tech-triathlon.rootcode.io/
   • https://connect.rootcode.io/
   • https://skapp.com/
   • https://expertrepublic.com/

We do not sell your personal data to third parties.

You have the following rights regarding your personal data under GDPR:

1. Right of Access: Request access to your data and details about how we process it.
   
   
2. Right to Rectification: Request corrections to inaccurate or incomplete data.
   
   
3. Right to Erasure: Request deletion of your data when it is no longer necessary.
   
   
4. Right to Restrict Processing: Limit how your data is processed in certain circumstances.
   
   
5. Right to Data Portability: Receive a copy of your data in a structured format.
   
   
6. Right to Object: Object to data processing based on legitimate interests or direct marketing.
   
   
7. Right to Withdraw Consent: Withdraw consent at any time for processing based on consent.
   

To exercise these rights, please contact us at dpo@rootcode.io.

We implement advanced technical and organizational measures to safeguard your personal data:

1. SSL encryption for secure data transmission.
   
   
2. Access controls and restricted permissions for stored data.
   
   
3. Continuous monitoring to detect and prevent security breaches.
   
   

While we implement robust security measures to protect your data, please note that no method of transmission over the internet is entirely secure. We kindly ask you to exercise caution when sharing your information.

We use cookies to enhance your website experience:

1. Necessary Cookies: Required for website functionality.
   
   
2. Analytical Cookies: Track user behavior for improving site performance.
   
   

By using our site, you agree to the use of cookies. You can manage cookies via your browser settings.

In the event of a data breach posing significant risks, we will:

1. Notify you promptly with details of the breach.
   
   
2. Provide steps to mitigate potential harm.
   
   
3. Notify the relevant regulatory authorities within 72 hours of becoming aware of the breach.
   

Our website may contain links to third-party websites. Rootcode is not responsible for their privacy practices or content. We recommend reviewing their privacy policies before sharing any data.

We may update this Policy periodically. Changes will be posted on this page with the updated date. We encourage you to review this Policy regularly.

This Policy is governed by the General Data Protection Regulation (GDPR) and the applicable data protection laws of Sri Lanka, including the Personal Data Protection Act No. 9 of 2022.

This Privacy Policy complies with the GDPR, which applies to the processing of personal data of individuals located only within the European Union (EU) or European Economic Area (EEA).


Contact Us

For any inquiries regarding this Policy or your personal data:

Information Security Officer (ISO):
Email: infosec@rootcode.io
Phone: +94 74 243 1733

Data Protection Officer (DPO):
Email: dpo@rootcode.io
Phone: +94 74 243 1733

Representative for EU Information Security:
Email: alagan.mahalingam@rootcode.io
Phone: +372 602 7604