Privacy Policy

1. Data We Collect

When you use our contact form or communicate with us, we may collect: your name, email address, phone number, and any information you include in your message. We collect this data because you have provided it voluntarily.

When you visit our website, certain technical information is collected automatically — including your IP address, browser type, pages visited, and visit duration. This is used for website operation and improvement.

We use cookies. Please see our Cookie Policy for details on what is collected and how to manage your preferences.

2. Legal Basis for Processing

• Consent: Where you have actively provided data through a form, we process it based on your consent.
• Contract performance: Where data is needed to deliver a service you have engaged us to provide.
• Legitimate interest: For analytics used to improve the site, where this does not override your interests.

3. How We Use Your Data

• To respond to enquiries and deliver requested services
• To send project-related communications during active engagements
• To understand how the website is used and where it can be improved
• To comply with legal obligations applicable in Thailand

We do not sell, rent, or trade your personal data to third parties for their own marketing purposes.

4. Data Retention

Enquiry data is retained for up to 24 months from the date of last contact. Client project data is retained for up to 5 years for legal and accounting purposes. Analytics data is retained for up to 14 months before being deleted or anonymised.

You may request deletion at any time. See Section 7 for how to exercise this right.

5. Data Protection Measures

We use TLS encryption for data in transit. Access to personal data is restricted to team members who require it to perform their work. We do not store payment card details — any payment processing is handled by licensed third-party providers.

In the event of a data breach affecting your personal information, we will notify you and the relevant authority as required under the PDPA.

6. Third-Party Services

We may use the following third-party services, each of which has its own privacy practices:

• Google Analytics: website usage analytics (optional cookies, can be declined)
• Google Maps: embedded location display on our homepage
• Email service provider: used to send transactional messages

Links to external websites are not covered by this policy. We are not responsible for third-party privacy practices.

7. Your Rights Under the PDPA

As a data subject under Thailand's Personal Data Protection Act, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Request deletion of your data, subject to legal obligations
• Object to processing based on legitimate interest
• Withdraw consent at any time (without affecting processing before withdrawal)
• Lodge a complaint with the Personal Data Protection Committee of Thailand

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Children's Privacy

Our services are intended for individuals aged 18 and over. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this policy from time to time. Changes will be reflected on this page with a revised "Last updated" date. Continued use of our website or services after changes are published constitutes acceptance of the updated policy.

10. Contact

Data controller: Mali Compute, 39 Nimmanhaemin Road, Su Thep, Chiang Mai 50200, Thailand.

Privacy queries: [email protected]