Privacy Policy

1. Introduction

Mekong Sync ("we", "us", "our") is committed to protecting the personal data of individuals who use our website and services. This Privacy Policy explains what information we collect, how it is used, and the steps we take to safeguard it.

This policy applies to all visitors and clients who interact with our website at https://mekongsynce.top or engage our consulting services. It is designed to comply with Thailand's Personal Data Protection Act (PDPA), B.E. 2562 (2019).

For questions about this policy, contact us at: [email protected]

2. Data We Collect

We collect the following categories of personal data:

Information you provide directly: When you submit a form on our website, we collect your name, email address, phone number (if provided), and message content. When you engage our services, we may collect additional business contact details and project-related information.

Information collected automatically: Our website uses cookies and analytics tools to collect usage data including IP addresses, browser type, pages visited, and time spent on the site. See our Cookie Policy for detailed information.

Third-party data: We may receive information from third-party analytics services such as Google Analytics. This data is anonymized and used for website improvement purposes only.

3. How We Use Your Data

Personal data collected is used for the following purposes:

Service delivery: To respond to inquiries, schedule consultations, and deliver our AI integration services.

Communication: To send relevant information about our services, respond to questions, and provide project updates. We do not send marketing communications without explicit consent.

Website improvement: To analyze usage patterns and improve the functionality and content of our website.

Legal compliance: To meet our obligations under applicable Thai law, including the PDPA.

4. Legal Basis for Processing

Under the PDPA, we process personal data on the following legal bases:

Consent: When you submit a contact form or subscribe to communications, you provide consent for us to process the data you share.

Contractual necessity: When you engage our services, processing your data is necessary to fulfil the terms of our engagement.

Legitimate interest: We process anonymized website analytics data to improve our services and understand how visitors use our site.

5. Data Sharing

We do not sell your personal data. We may share data with the following categories of third parties:

Service providers: Hosting providers, email services, and analytics platforms that help us operate our website and deliver services. These providers are contractually obligated to protect your data.

Legal requirements: We may disclose information if required by law, regulation, or legal process under Thai jurisdiction.

6. Data Protection Measures

We implement appropriate technical and organizational measures to protect personal data, including encrypted data transmission (TLS/SSL), access controls limiting data access to authorized personnel, regular security assessments, and secure data storage practices aligned with ISO 27001 principles.

In the event of a data breach that poses a high risk to individuals, we will notify affected persons and the relevant supervisory authority in accordance with PDPA requirements.

7. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy. Contact form submissions are retained for up to 24 months. Client engagement records are retained for up to 5 years for contractual and legal purposes. Analytics data is retained in anonymized form and has no expiration.

8. Cookies

Our website uses cookies for functionality and analytics. For complete information about the cookies we use and how to manage them, please refer to our Cookie Policy.

9. Your Rights

Under the PDPA, you have the following rights regarding your personal data:

Right of access: You may request a copy of the personal data we hold about you.

Right to rectification: You may request that we correct inaccurate or incomplete data.

Right to erasure: You may request that we delete your personal data, subject to legal retention requirements.

Right to data portability: You may request that we provide your data in a commonly used electronic format.

Right to object: You may object to the processing of your data for specific purposes.

Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time.

Right to lodge a complaint: You may file a complaint with the Personal Data Protection Committee (PDPC) of Thailand if you believe your rights have been violated.

To exercise any of these rights, contact us at: [email protected]

10. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of those websites and encourage you to read their privacy policies.

11. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. Continued use of our website or services after changes are posted constitutes acceptance of the updated policy.

13. Contact Information

Data Controller: Mekong Sync

Address: 18/4 Charoen Krung Road, Samphanthawong, Bangkok 10100, Thailand

Email: [email protected]

Phone: +66 2 238 9154

Supervisory Authority: Personal Data Protection Committee (PDPC), Ministry of Digital Economy and Society, Thailand