Information We Collect
Running a financial analysis business means we need certain information to provide our services properly. Here's what we typically collect and why it matters.
Information You Give Us Directly
When you contact us or use our services, you might share:
- Contact details: Name, email address, phone number, and business address
- Business information: Company name, industry sector, business size, and operational details
- Financial data: Transaction records, revenue figures, and other financial metrics you provide for analysis
- Communication records: Messages you send through our contact forms, emails, or phone conversations
- Account credentials: Username and password if you create an account on our platform
Information We Collect Automatically
Like most websites, ours gathers some technical data automatically:
- Usage data: Pages visited, time spent on site, features accessed, and navigation patterns
- Device information: Browser type, operating system, IP address, and device identifiers
- Location data: General geographic location based on IP address (not precise GPS coordinates)
- Cookies and tracking: Small files that help us remember your preferences and understand site usage
How We Use Your Information
We're not in the business of selling data. Everything we collect serves a practical purpose related to providing financial analysis services.
| Purpose | Legal Basis (PDPA) |
|---|---|
| Delivering financial analysis services you requested | Contract performance |
| Responding to your inquiries and support requests | Contract performance |
| Improving our analytical tools and services | Legitimate interest |
| Sending service updates and relevant business insights | Consent or legitimate interest |
| Preventing fraud and maintaining security | Legal obligation |
| Complying with tax and financial regulations | Legal obligation |
We don't use your financial data for anything beyond the analysis work you've hired us to do. Your business information stays confidential unless you specifically authorize us to share insights with third parties.
Data Sharing and Third Parties
We work with a small number of trusted service providers. Here's who might see your data and why:
Service Providers We Work With
- Cloud hosting providers: Store our platform and your data securely (servers located in Thailand and Singapore)
- Payment processors: Handle billing and payment transactions for our services
- Email services: Send communications and service notifications
- Analytics tools: Help us understand how people use our website
All these providers sign agreements requiring them to protect your information and use it only for the specific purposes we've authorized.
We never sell, rent, or trade your personal information to marketers or third parties. If we're required to share data with government authorities or law enforcement, we'll notify you unless legally prohibited from doing so.
Your Rights Under Thai Law
Thailand's PDPA gives you significant control over your personal data. You can exercise these rights by contacting us at any time.
What You Can Do
- Access your data: Request a copy of all personal information we hold about you
- Correct inaccuracies: Update or fix any incorrect or incomplete information
- Delete your data: Ask us to erase your information (subject to legal retention requirements)
- Restrict processing: Limit how we use your data in certain circumstances
- Data portability: Receive your data in a common format to transfer elsewhere
- Withdraw consent: Revoke permission for processing based on consent at any time
- Object to processing: Challenge our use of your data for direct marketing or legitimate interests
We'll respond to your requests within 30 days. In some cases, we might need to verify your identity before proceeding, or we might have valid legal reasons to retain certain information.
Data Security Measures
Financial data deserves serious protection. We've built multiple layers of security into our operations.
Technical Safeguards
- Encryption: All data transmissions use TLS 1.3 protocol, and stored financial data is encrypted at rest
- Access controls: Staff can only access information necessary for their specific roles
- Authentication: Multi-factor authentication required for accessing sensitive systems
- Monitoring: Automated systems watch for suspicious activity 24/7
- Regular testing: Security audits and penetration testing conducted quarterly
Organizational Safeguards
Our team receives regular training on data protection. We maintain strict confidentiality agreements with all employees and contractors. Physical access to our offices at 1518 Pracharad 1 Road is controlled and monitored.
Data Retention and Deletion
We don't keep information longer than necessary. But "necessary" varies depending on the type of data and our legal obligations.
| Data Type | Retention Period |
|---|---|
| Active client financial analysis data | Duration of service plus 7 years |
| Contact form inquiries (non-clients) | 2 years from last contact |
| Marketing communications consent | Until consent withdrawn |
| Financial transaction records | 7 years (tax law requirement) |
| Website usage analytics | 26 months |
| Security logs and access records | 12 months |
When we delete data, it's permanently erased from our systems and backups within 90 days. Thai accounting and tax regulations require us to maintain certain financial records for seven years, even after you stop using our services.
International Data Transfers
Most of your data stays within Thailand. However, some of our service providers operate servers in Singapore and other Southeast Asian countries.
When we transfer data outside Thailand, we ensure adequate protection through:
- Standard contractual clauses approved by data protection authorities
- Transfers only to countries with adequate data protection frameworks
- Additional security measures for sensitive financial information
- Regular audits of international service providers' security practices
We never transfer data to countries without appropriate legal protections unless absolutely required by law or with your explicit consent.
Cookies and Tracking Technologies
Our website uses cookies to function properly and improve your experience. You can control most cookies through your browser settings.
Types of Cookies We Use
- Essential cookies: Required for the website to work (login sessions, security features)
- Functionality cookies: Remember your preferences and settings
- Analytics cookies: Help us understand site usage and improve performance
- Performance cookies: Monitor site speed and technical issues
We don't use advertising cookies or share cookie data with advertising networks. Most browsers let you block or delete cookies, though this might affect how our website works for you.
Children's Privacy
Our services are designed for businesses and professionals. We don't knowingly collect information from anyone under 20 years of age (the age of majority in Thailand). If we discover we've accidentally collected data from someone underage, we'll delete it immediately.
Changes to This Policy
We review and update this privacy policy regularly. When we make significant changes, we'll notify active clients by email at least 30 days before the changes take effect.
Minor updates (like contact information changes or clarifications) might happen without notification. We'll always update the "Last Updated" date at the top of this page.
Complaints and Disputes
If you're unhappy with how we've handled your personal data, please contact us first. We'll investigate and respond within 30 days.
If you're not satisfied with our response, you have the right to file a complaint with Thailand's Personal Data Protection Committee. You can reach them through the Ministry of Digital Economy and Society.