Privacy Policy

This Policy applies to our website and related services, including account registration/sign-in, use of website features, and communications submitted through our contact form.

We collect personal data only as necessary for providing the website, maintaining security, and communicating with you. This may include:

2.1 Data you provide directly

• Name (or contact name)

• Email address

• Phone number (if provided)

• Message content and details submitted via the contact form

2.2 Account data (if you register/sign in)

• Account identifiers such as email/username and data required for authentication

• Basic profile settings you choose to provide (if any)

• Sign-in and security-related records (e.g., date/time, IP address, key security events)

2.3 Technical data and usage logs

• IP address, device/browser type, date/time of access

• Security logs for monitoring, investigation, and prevention of misuse or unauthorized access

We may collect and use your personal data to:

1. Provide the website, user accounts, and related services

2. Respond to inquiries and requests submitted via the contact form

3. Authenticate users, manage accounts, and administer access appropriately

4. Maintain website and system security, prevent unauthorized access/attacks, and investigate misuse

5. Improve the quality and performance of the website and our services

We process personal data based on one or more lawful bases under the PDPA, as applicable:

• Contract / service provision (e.g., providing your account and website features)

• Legitimate interests (e.g., cybersecurity, incident investigation, fraud/abuse prevention)

• Legal obligations (where required by applicable laws or lawful orders)

• Consent (where consent is required by law)

We do not disclose your personal data to third parties unless necessary, such as:

• Service providers supporting our IT infrastructure (e.g., hosting/IT support), under appropriate data protection measures

• Government authorities or competent bodies, where required by law or lawful orders

We retain personal data only as long as necessary for the purposes described above and/or as required by applicable laws. For example:

• Account data: for as long as your account remains active, and for an appropriate period thereafter for security, audits, or legal compliance

• Contact form submissions: as long as needed to respond and follow up

• Security/usage logs: as long as needed for security monitoring and investigations

  When no longer necessary, we will delete, destroy, or anonymize the data as appropriate.

We implement appropriate safeguards, such as role-based access control, logging/auditing, and reasonable network/server security measures to protect personal data.

You may have rights under the PDPA, such as the right to access, obtain a copy, rectify, object, delete, restrict processing, and withdraw consent (where consent is the legal basis). We may refuse certain requests where required by law or necessary for system security, and we will explain the reason where applicable.

We may update this Policy from time to time. The latest version will be published on our website.