Privacy Policy

We collect personal data in limited and specific ways. The types of information we may gather include:

Information you provide directly: When you fill out our contact form, request a consultation, or correspond with us by email, you may share your name, email address, phone number, company name, and details about your inquiry. We only collect what is needed to respond to your request and deliver our services.

Information collected through technology: When you visit our website, our servers and analytics tools may automatically collect certain technical data, such as your IP address, browser type, operating system, referring URL, pages visited, and the duration of your visit. This data helps us understand how our site is used and where we can make improvements.

Cookies and similar technologies: We use cookies to support basic site functionality, remember your preferences, and gather anonymised usage analytics. You can manage your cookie settings through our Cookie Policy page.

Service engagement data: If you become a client, we may collect additional data as part of our project work — for example, technical specifications, organisational data relevant to your AI integration needs, and billing details. These are governed by separate service agreements.

We process personal data only when we have a lawful basis to do so. Under the PDPA, our processing activities rely on one or more of the following grounds:

Consent: Where you have given clear consent for us to process your data for a specific purpose — for example, when you submit a contact form or subscribe to receive updates from us.

Contractual necessity: When processing is required to fulfil a contract with you or to take steps at your request prior to entering a contract — such as preparing a proposal or delivering advisory services.

Legitimate interest: Where processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights. This includes improving our services, securing our website, and analysing usage patterns.

Specifically, we use your data to: respond to enquiries and provide requested information; deliver and manage our AI consulting and integration services; send relevant communications you have opted into; improve website performance and user experience; comply with legal obligations; and protect our rights and those of our clients.

We do not sell, rent, or trade your personal data. We may share data in the following limited circumstances:

Service providers: We work with trusted third-party providers who assist in operating our website, processing payments, or delivering parts of our services. These providers are bound by data processing agreements and may only use your data for the purposes we specify.

Analytics platforms: We may use tools such as Google Analytics to understand website traffic and user behaviour. These tools collect anonymised or pseudonymised data. You can manage analytics cookies through our cookie preferences.

Legal requirements: We may disclose personal data if required by law, regulation, court order, or governmental authority in Thailand.

Business transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred to the succeeding entity, subject to the same privacy protections described here.

We take the security of your personal information seriously and implement appropriate technical and organisational measures, including:

Encryption: Data transmitted between your browser and our servers is protected using TLS encryption. Sensitive data at rest is encrypted using industry-standard methods.

Access controls: Access to personal data is limited to authorised personnel who need it for their work. We enforce role-based access and multi-factor authentication where applicable.

Regular reviews: We periodically review our security practices and update them as needed to address new risks or vulnerabilities.

Incident response: In the event of a data breach that poses a risk to your rights, we will notify the relevant supervisory authority and affected individuals in accordance with PDPA requirements.

We retain personal data only as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our general retention guidelines are:

Contact enquiries: Data from contact forms is retained for up to 12 months after the last interaction, unless a service engagement begins.

Client data: Information related to active service agreements is retained for the duration of the engagement and for up to 3 years afterward to address any follow-up questions or obligations.

Website analytics: Anonymised analytics data may be retained for up to 26 months for trend analysis.

When data is no longer needed, it is securely deleted or anonymised so that it can no longer be linked to an identifiable individual.

Our website uses cookies and similar technologies to provide core functionality, remember your preferences, and gather usage statistics. Cookies are small text files placed on your device when you visit a website.

We categorise our cookies into four groups: essential (required for the site to function), analytics (help us understand visitor behaviour), marketing (support our outreach efforts), and preference (remember your settings). You can manage your cookie preferences at any time through our dedicated Cookie Policy page.

Under Thailand's Personal Data Protection Act, you have the following rights regarding your personal data:

Right of access: You may request a copy of the personal data we hold about you.

Right to rectification: You may ask us to correct inaccurate or incomplete data.

Right to erasure: You may request deletion of your personal data, subject to certain legal exceptions.

Right to restriction: You may ask us to limit how we process your data under certain conditions.

Right to data portability: You may request that we provide your data in a structured, commonly used format.

Right to object: You may object to the processing of your data where we rely on legitimate interests as our legal basis.

Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time. This does not affect the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please email us at [email protected]. We aim to respond within 30 days of receiving your request.

Our website may contain links to external websites or services that are not operated by us. We are not responsible for the privacy practices of those third-party sites. We encourage you to review the privacy policies of any site you visit through links on our pages.

Our services are intended for businesses and individuals aged 18 and older. We do not knowingly collect personal data from anyone under the age of 18. If we become aware that we have inadvertently collected such data, we will take steps to delete it promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal obligations. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this page periodically.

The supervisory authority for data protection matters in Thailand is the Office of the Personal Data Protection Committee (PDPC), established under the PDPA. If you believe that your personal data has been processed in violation of the law, you have the right to file a complaint with the PDPC.