Privacy Policy

Information We Collect

When you work with our platform, we gather different types of data depending on how you interact with our services. Some of this you give us directly. Other pieces we collect automatically as you use the system.

Account and Profile Information

Creating an account requires basic details – your name, email address, company name, and contact number. If you're setting up payment processing, we'll need billing information too. But here's what matters: we only ask for what's actually necessary to deliver our reporting services.

Financial Data You Upload

This is the core of what we do. You're trusting us with financial statements, transaction records, investment portfolios, and other sensitive documents. We take that responsibility seriously because this isn't just data – it's your business performance, your investment decisions, your financial strategy.

Technical Information

Our systems automatically log certain technical details when you access the platform. IP addresses, browser types, device information, access times. This helps us maintain security and improve performance. Think of it as basic housekeeping that keeps everything running smoothly.

How We Use Your Information

Let's be direct about this. Your data serves specific purposes, and we don't stretch those boundaries.

Data Storage and Security

Your financial information lives on secure servers located in Thailand and Singapore. We use industry-standard encryption – both when data moves between your device and our servers, and when it sits in our databases.

Technical Safeguards

• 256-bit SSL encryption for all data transmission
• AES-256 encryption for stored financial documents
• Multi-factor authentication options for account access
• Regular security audits and penetration testing
• Isolated database architecture to prevent cross-contamination
• Automated backup systems with encrypted storage

But technology alone isn't enough. Our team receives regular security training, and access to your data is strictly limited to personnel who need it for service delivery.

Data Retention Periods

We keep your information for as long as your account remains active, plus a reasonable period afterward to comply with Thai financial record-keeping requirements. That usually means seven years after account closure, though specific regulations might require longer retention for certain document types.

Who Gets Access to Your Data

Here's the complete picture of data sharing. We're not in the business of selling user information – that's not our model and never will be.

Category	Purpose	Data Shared
Service Providers	Cloud hosting, payment processing, email delivery	Minimum necessary for function performance
Professional Advisors	Legal counsel, accountants, auditors	Limited to specific matters requiring review
Legal Authorities	Valid legal requests, court orders	Only what's specifically required by law
Business Transfers	Merger, acquisition, or sale scenarios	Full account data with continued privacy protection

All third-party service providers sign strict confidentiality agreements and must meet our security standards. We vet these partners carefully because your data security doesn't stop at our direct control.

Your Rights Under Thai Law

Thailand's Personal Data Protection Act gives you substantial control over your information. These aren't just theoretical rights – we've built systems to actually honor them.

Access and Portability

You can request a copy of all personal data we hold about you. We'll provide it in a structured, commonly used format within 30 days. Want to move to another platform? You can download your complete financial data at any time through your account dashboard.

Correction and Updates

Found an error in your profile information? You can update most details directly through account settings. For changes requiring verification, contact our support team with proper identification.

Deletion Rights

You can request account deletion at any time. We'll remove your personal information within 60 days, though we may retain certain records to comply with legal obligations. Financial transaction logs, for instance, must be kept for regulatory periods regardless of account status.

Processing Restrictions

In certain situations, you can limit how we use your information. This might affect platform functionality, but it's your right to exercise if you have concerns about specific data processing activities.

International Data Transfers

While our primary servers are in Thailand and Singapore, some service providers operate globally. This means your data might occasionally be processed in other countries with different privacy regulations.

When that happens, we use standard contractual clauses and other legal mechanisms to ensure your information receives adequate protection. The European Commission's model clauses, for instance, provide strong safeguards for data transfers.

Special Considerations for Investors

If you're using our platform to share reports with investors, you control what gets distributed. We don't automatically share your financial data with anyone. You generate reports, and you decide who receives them.

When you do share reports, remember that recipients operate under their own privacy policies. Once a document leaves our system, we can't control how they handle it.

Children's Privacy

Our platform isn't designed for users under 18. We don't knowingly collect information from children. If we discover we've accidentally gathered data from someone underage, we'll delete it promptly.

Changes to This Policy

Privacy practices evolve, and so does this policy. When we make significant changes, we'll notify active users by email at least 30 days before the new terms take effect. Continued use after that notice period means you accept the updates.

Minor clarifications or additions might happen without formal notice, though we'll always update the "Last Updated" date at the top of this document.