Privacy, Cookie & Client Communication Policy

Background

Ananda Sirisena and Company (Private) Limited (hereinafter “ASAC”) and The Boardroom (Private) Limited (hereinafter “The Boardroom”) are Registered Company Secretaries and Corporate Governance service providers, operating in strategic alliance with Prasiddha Dot Net (Pvt) Ltd (“Prasiddha (.Net)”), Double Entry (Pvt) Ltd, and Double Entry Associates (Chartered Accountants) — a consortium providing Accounting, Auditing, and Taxation consultancy services.

We operate from the following domains: anandasirisena.lk (ASAC)  |  theboardroom.lk (The Boardroom)  |  prasiddha.net (Prasiddha .Net)  |  doubleentry.lk (Double Entry)

Part 1 — Privacy Policy

Introduction

We are committed to safeguarding your privacy and ensuring the security of your personal information. This policy outlines how we collect, use, and protect your data when you visit our website or use our services.

Information We Collect

• Personal Information — When you interact with our website or engage our services, we may collect your name, email address, telephone number, company details, and identification information required for statutory filings.
• Statutory Information — As part of our company secretarial services, we collect information required by law, including particulars of directors, shareholders, and company officers pursuant to the Companies Act No. 07 of 2007.
• Usage Data — We may collect non-personal information relating to your use of our website — such as browser type, pages visited, and time spent on the site — for the purpose of improving our services.
• Cookies — We use cookies to enhance your browsing experience. Details of our use of cookies are set out in Part 2 of this policy.

How We Use Your Information

• Communication — We use your contact information to respond to enquiries, provide updates, share statutory documents, and deliver relevant information relating to your company’s secretarial matters.
• Statutory Compliance — Your personal information is used to prepare and file statutory documents with the Registrar of Companies, Sri Lanka, as required under applicable law.
• Service Delivery — Your information is used to administer and deliver the company secretarial and related services you have engaged us to provide.
• Analytics — We analyse website traffic and user behaviour to improve our services and tailor content to visitor needs.

Data Security

We take appropriate technical and organisational measures to protect your data from unauthorised access, loss, or misuse. Documents stored and shared through The Boardroom App are subject to additional platform-level security controls. No method of data transmission over the internet can be guaranteed entirely secure, and we cannot accept liability for any interception or loss of information transmitted electronically.

Your Rights

You have the right to access, correct, or request deletion of your personal information held by us, subject to any statutory obligations we are required to fulfil under the Companies Act No. 07 of 2007 or any other applicable law. Requests should be submitted in writing to our contact address set out at the end of this policy.

Part 2 — Cookie Policy

What Are Cookies

Cookies are small text files placed on your device when you visit our website. They enable us to recognise your device, understand how visitors interact with our site, and improve your experience across subsequent visits.

Types of Cookies We Use

• Essential Cookies — Strictly necessary for the website to function correctly, including maintaining session integrity and enabling access to secure areas. These cannot be disabled without affecting core website functionality.
• Analytics Cookies — Used to collect aggregated information about how visitors use our website — such as which pages are visited most frequently — to help us improve our content and services.
• Functionality Cookies — Enable our website to remember preferences you have selected, such as language settings, to provide a more personalised experience.

By continuing to use our website, you consent to the placement of cookies on your device in accordance with this policy. You may manage or disable cookies through your browser settings at any time; however, doing so may impair certain features of our website.

Part 3 — Client Communication Policy

Our Communication Platforms

We utilise two primary channels for client communication and document sharing. Clients are strongly encouraged to use The Boardroom App as our preferred and most secure platform.

The Boardroom App — Access Policy

The Boardroom App is operated by The Boardroom (Pvt) Ltd. Access is granted and managed strictly as follows:

• Access is provided to directors whose names appear on the company’s Register of Directors as filed with the Registrar of Companies, Sri Lanka.
• Each director must register their own user profile using the email address listed on the Register of Directors, ensuring that access is tied to a verified and authorised identity.
• Shareholders may be granted access upon request, in compliance with the Companies Act No. 07 of 2007, which entitles shareholders to access certain statutory company documents.
• Access for any additional individuals may only be granted upon written or otherwise documented instruction from an authorised director of the client company.
• Access shall be revoked without delay upon a director’s resignation, removal from the Register of Directors, or any other termination of their directorship.

WhatsApp Groups — Policy

WhatsApp groups are created and administered by our team exclusively for company secretarial communication purposes, facilitating prompt and traceable communication regarding statutory matters.

• WhatsApp groups are established solely for the purpose of sharing company secretarial information, including statutory documents and compliance-related updates.
• By default, only directors listed on the company’s Register of Directors are added to any WhatsApp group.
• Each group is administered by our team. Administrative rights may be extended to the client upon written request.
• A director who resigns or is removed from the Register of Directors shall be removed from the WhatsApp group promptly upon such removal taking effect.
• Documents shared within these groups are statutory company secretarial documents filed with, or to be filed with, the Registrar of Companies, Sri Lanka. Such documents form part of the public record and are accessible to any person under the Companies Act No. 07 of 2007.

Email Communication

All formal correspondence and document delivery is conducted exclusively via email. We communicate only with email addresses authorised by the client — specifically those recorded on the company’s statutory forms as filed with the Registrar of Companies, including Form 20 (Particulars of Directors and Secretaries) and Form 48 (Particulars of Shareholders).

• We will not initiate communication to any email address not on our authorised contact record unless expressly directed by the client in writing.
• E-signatures and formal approvals are dispatched exclusively to the email addresses registered on the applicable statutory forms.
• Clients wishing to update their authorised contact information must notify us in writing; changes shall take effect upon receipt and verification of the updated statutory particulars.

Nature of Documents Shared

All documents shared through our communication channels are statutory company secretarial documents, including but not limited to board resolutions, director appointment instruments, statutory return forms, and regulatory filings. These documents are submitted to or maintained by the Registrar of Companies, Sri Lanka, pursuant to the Companies Act No. 07 of 2007, and accordingly form part of the public record, legally accessible by any member of the public upon application.

We manage all client documents with the highest degree of professionalism, and share them only with individuals who are authorised by the client or are otherwise legally entitled to receive such information.

Contact & Enquiries

Contact Us

For any questions or requests relating to your privacy, cookies, or our client communication practices, or to exercise any rights set out in this policy, please direct your correspondence to us at the details below.