1. Information We Collect

We collect different types of information depending on how you interact with our platform. Here's what we gather and why:

Personal Identification Information

When you sign up for our financial communication management services, we need basic details to set up your account. This includes your full name, email address, phone number, and company affiliation if applicable. For users in Thailand, we may also collect your Thai national ID number or business registration number to verify your identity — this is standard practice for financial service platforms operating under Thai regulations.

Financial and Transaction Data

Since we help you manage financial communications, we collect information about your transactions, payment methods, and communication patterns. We don't store full credit card numbers on our servers — that's handled by our payment processors. But we do keep records of transaction dates, amounts, and communication preferences tied to those transactions.

Technical Information

• IP addresses and browser types
• Device information and operating systems
• Pages visited and time spent on our platform
• Referring websites and search terms used
• Cookie data and session identifiers

Communication Records

We keep records of your interactions with our support team, including emails, chat logs, and phone conversations. This helps us improve our service and resolve any issues you might face. If you participate in our educational webinars or training sessions, we may record attendance and engagement data.

2. How We Use Your Information

Your data serves specific purposes. We don't collect information just to have it sitting around. Here's what we actually do with it:

Communication and Updates

We'll send you emails about your account activity, important security updates, and changes to our services. Sometimes we'll share educational content about financial communication best practices — but only if you've opted in. We never sell your email address to third parties or spam you with irrelevant marketing.

Platform Improvement

We analyze usage patterns to understand what features work well and what needs improvement. This might involve looking at which tools get used most frequently or where users encounter difficulties. The goal is to make the platform more intuitive and helpful.

Security and Fraud Prevention

We monitor for suspicious activity to protect both your account and our platform. This includes detecting unusual login patterns, preventing unauthorized access, and identifying potential security threats. It's proactive protection rather than reactive cleanup.

Data Type	Primary Use	Retention Period
Account Information	Service delivery and authentication	Duration of account + 7 years
Transaction Records	Financial reporting and compliance	7 years (Thai tax law requirement)
Support Communications	Customer service and quality improvement	3 years
Technical Logs	Security monitoring and troubleshooting	90 days

3. Data Sharing and Third Parties

We don't sell your personal information. Period. But we do work with other companies to run our platform, and some of them need access to certain data. Here's the complete picture:

Service Providers

We use third-party companies for payment processing, cloud hosting, email delivery, and analytics. These providers only get the specific information they need to do their job. For example, our payment processor sees your transaction details but doesn't need to know what features you use on our platform.

Legal Requirements

Sometimes Thai law requires us to share information with government authorities. This might happen during tax audits, legal investigations, or regulatory compliance checks. We only share what's legally required and will notify you when possible — unless the law prohibits us from doing so.

Business Transfers

If LinkFeedWaveHubOn gets acquired or merges with another company, your information would transfer to the new entity. We'd notify you beforehand and ensure the acquiring company maintains similar privacy protections.

4. Your Rights Under Thai PDPA

Thai privacy law gives you significant control over your personal data. These aren't just theoretical rights — we've built systems to make them practical and accessible.

Right to Access

You can request a copy of all personal data we hold about you. We'll provide this in a commonly used electronic format within 30 days. There's no charge for your first request in a calendar year, though we might ask you to verify your identity first.

Right to Correction

Found outdated information in your profile? You can update most details directly through your account settings. For information you can't change yourself, contact our support team and we'll make the corrections within 15 days.

Right to Deletion

You can request deletion of your personal data, and we'll comply unless we need to keep it for legal reasons. Some financial records must be retained for seven years under Thai tax law, but we'll delete everything else and anonymize what we must keep.

Right to Data Portability

Want to take your data to another platform? We'll provide your information in a structured, machine-readable format. This includes your account details, transaction history, and communication preferences — basically everything you'd need to set up elsewhere.

Right to Object

You can object to certain types of data processing, particularly for marketing purposes. We'll stop processing your data for those purposes immediately. You'll still receive essential service communications, but no optional content.

• Right to restrict processing during disputes
• Right to withdraw consent at any time
• Right to lodge complaints with Thai PDPC
• Right to refuse automated decision-making

5. Data Security Measures

We take security seriously because financial data attracts bad actors. Our approach combines industry-standard technology with careful operational practices.

Technical Safeguards

All data transmissions use TLS 1.3 encryption — that's the same technology banks use. Stored data gets encrypted at rest using AES-256 encryption. We run regular security audits and penetration testing to find vulnerabilities before attackers do.

Access Controls

Only employees who need access to perform their jobs can view user data. We use role-based access controls and log every instance of data access. Our team receives regular security training and signs confidentiality agreements.

Infrastructure Security

Our servers sit in secure data centers with 24/7 monitoring, redundant power systems, and strict physical access controls. We maintain regular backups stored in geographically separate locations — if something goes wrong, we can restore your data.

6. Cookies and Tracking Technologies

Our website uses cookies — small text files that help us remember your preferences and understand how people use our platform. You have control over these.

Essential Cookies

Some cookies are necessary for the website to function. These handle things like keeping you logged in and remembering your language preference. You can't disable these without breaking core functionality.

Analytics Cookies

We use analytics cookies to understand usage patterns. This tells us which features get used most, where people get stuck, and how we can improve the platform. These cookies don't identify you personally — they just track general behavior patterns.

Managing Cookie Preferences

You can control non-essential cookies through your browser settings or our cookie preference center. Disabling analytics cookies won't affect your ability to use the platform — you'll just be helping us less with improvement efforts.

7. Data Retention and Deletion

We don't keep your data forever. Different types of information have different retention periods based on legal requirements and practical needs.

Active Account Data

While your account remains active, we keep all associated data. This includes your profile information, transaction history, and communication records. You need this data to use the platform effectively.

Post-Deletion Retention

When you close your account, we begin a deletion process. Some data gets removed immediately, while financial records must be retained for seven years under Thai tax law. After the retention period expires, we permanently delete all information.

Backup Systems

Deleted data might persist in backup systems for up to 90 days. These backups serve disaster recovery purposes — if our main systems fail, we can restore operations. Once backup cycles complete, your data disappears from those systems too.

8. Children's Privacy

Our platform isn't designed for children under 20 years old (the age of majority in Thailand for certain financial activities). We don't knowingly collect information from minors. If we discover we've accidentally collected such data, we'll delete it promptly.

Parents or guardians who believe their child has provided us with personal information should contact us immediately. We'll investigate and take appropriate action.

9. Changes to This Policy

Privacy regulations evolve, and so does our platform. When we make significant changes to this policy, we'll notify you via email and post the updated version on our website. The "Last Updated" date at the top tells you when the most recent changes occurred.

We encourage you to review this policy periodically. Continued use of our services after changes take effect means you accept the updated terms. If you disagree with changes, you can close your account before they take effect.

10. International Users

While we're based in Thailand and primarily serve the Thai market, users from other countries can access our platform. If you're outside Thailand, understand that your data will be transferred to and processed in Thailand under Thai privacy laws.

Thai PDPA provides strong privacy protections comparable to many international standards. However, if your country has specific privacy regulations, we'll work to comply with both Thai law and your local requirements where possible.