Information We Collect

Personal Information You Provide

When you sign up for our services or contact us, we collect information that you voluntarily provide. This includes your name, email address, phone number, and company details. If you enroll in our learning programs, we also collect educational background information and payment details.

• Contact information (name, email, phone number, mailing address)
• Account credentials (username, encrypted password)
• Financial information relevant to stability analysis
• Professional background and educational history
• Payment and billing information
• Communication preferences and service feedback

Information Collected Automatically

Our systems automatically collect certain technical information when you visit our website. This helps us understand how people interact with our platform and where we can make improvements. We use this data to fix bugs, prevent security issues, and generally make things work better.

• Device information (type, operating system, browser version)
• IP address and approximate geographic location
• Pages visited, time spent, and navigation patterns
• Referral source and search terms used
• Session duration and interaction timestamps

How We Use Your Information

We use the information we collect to provide and improve our financial stability analysis services. Here's what that looks like in practice:

• Delivering the services you requested and maintaining your account
• Processing payments and managing billing for our programs
• Communicating with you about your account, services, or inquiries
• Sending educational content and program updates when you've opted in
• Analyzing usage patterns to improve our platform and user experience
• Detecting and preventing fraud, security issues, or technical problems
• Complying with legal requirements and responding to lawful requests
• Conducting research and development for new features and services

Legal Basis for Processing

Under Thailand's PDPA, we process your personal data based on several legal grounds. Most of the time, we're processing your information because you've agreed to use our services. Sometimes it's because we have a legal obligation, like keeping financial records for tax purposes.

• Your explicit consent for specific processing activities
• Performance of our contract with you when you use our services
• Compliance with legal obligations under Thai law
• Our legitimate interests in operating and improving our business
• Protection of vital interests in emergency situations

Data Sharing and Disclosure

We keep your information within our organization whenever possible. But running a modern online service means working with some trusted partners who help us deliver our programs and maintain our platform.

Service Providers We Work With

• Cloud hosting providers for secure data storage and platform infrastructure
• Payment processors for handling transactions securely
• Email service providers for communication and educational content delivery
• Analytics tools that help us understand how people use our platform
• Customer support systems for managing inquiries and assistance

Required Disclosures

Sometimes we're legally required to share information. This happens when government agencies make lawful requests, when we need to enforce our terms of service, or when there's a genuine safety concern. We only share what's absolutely necessary in these situations.

Your Rights Under Thailand PDPA

Thailand's data protection law gives you significant control over your personal information. These aren't just theoretical rights – you can actually exercise them, and we've set up processes to make that straightforward.

• Access: Request a copy of the personal data we hold about you
• Rectification: Ask us to correct inaccurate or incomplete information
• Erasure: Request deletion of your data in certain circumstances
• Restriction: Limit how we process your information
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdrawal: Withdraw consent at any time where we rely on it

How to Exercise Your Rights

Send your request to [email protected] with "Data Rights Request" in the subject line. We'll verify your identity and respond within 30 days. Some requests might take longer if they're particularly complex, but we'll keep you updated throughout the process.

If you're not satisfied with how we handle your request, you have the right to file a complaint with Thailand's Personal Data Protection Committee. We'd prefer to resolve any concerns directly, but that option is always available to you.

Data Retention and Storage

We don't keep your data forever. Once it's no longer needed for the purposes we collected it, we delete it securely. The exact retention period depends on the type of information and why we collected it.

When we delete data, we use secure deletion methods that make recovery impossible. Backups are also purged according to our retention schedule.

Data Security Measures

Protecting your information is something we think about constantly. We use industry-standard security measures, but we also go beyond the basics because financial data deserves extra protection.

• Encryption in transit using TLS 1.3 protocol
• Encryption at rest for all stored personal data
• Regular security audits and vulnerability assessments
• Access controls limiting staff access to necessary data only
• Multi-factor authentication for administrative access
• Regular security training for all team members
• Incident response plan for potential breaches
• Regular backups stored in geographically separate locations

International Data Transfers

Our primary servers are located in Thailand, but some of our service providers operate internationally. When your data moves across borders, we make sure it's protected according to Thai data protection standards.

We only transfer data to countries that Thailand recognizes as having adequate data protection laws, or we use approved safeguards like standard contractual clauses. You can request details about specific transfers by contacting us.

Cookies and Tracking Technologies

Like most websites, we use cookies and similar technologies. These are small files that help our site remember your preferences and understand how you use our platform.

Types of Cookies We Use

• Essential cookies that make the website function properly
• Preference cookies that remember your settings and choices
• Analytics cookies that help us understand usage patterns
• Performance cookies that help us optimize site speed and reliability

You can control cookies through your browser settings. Blocking certain cookies might affect how well our site works for you, but essential functions will still operate. We don't use cookies for advertising or tracking you across other websites.

Children's Privacy

Our services are designed for adults and businesses. We don't knowingly collect information from anyone under 18 years old. If you're a parent and believe your child has provided us with personal information, contact us immediately and we'll delete it.

For users between 18 and 20 years old in Thailand, we comply with PDPA requirements regarding consent from legal representatives where applicable.

Changes to This Policy

We review and update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email and post a notice on our website at least 30 days before the changes take effect.

Continuing to use our services after changes take effect means you accept the updated policy. If you don't agree with the changes, you can close your account and request deletion of your data.

Third-Party Links

Our website might contain links to external sites that we don't control. This privacy policy only applies to Shockterminal. We're not responsible for how other websites handle your information, so check their privacy policies before sharing personal data.

Business Transfers

If Shockterminal is acquired by another company or merges with one, your information would be transferred as part of that transaction. We'd notify you beforehand and explain any changes to how your data is handled. You'd have the option to delete your account before the transfer if you prefer.