Privacy Policy

Effective Date: January 15, 2025

At dev-glow, we understand that your personal information matters. This policy explains what we collect, why we collect it, and what choices you have. We're based in Thailand and serve clients who rely on our financial analysis tools — which means we handle sensitive data carefully.

Who We Are

dev-glow operates from Noen Phra Sub-district, Mueang Rayong District, Rayong 21000, Thailand. We develop software for financial analysis and provide tools that help businesses make informed decisions. You can reach us at info@dev-glow.com or by calling +6628321999.

Information We Collect

We're pretty straightforward about this. When you use our tools or visit our site, here's what we gather:

Account and Registration Data

Contact details: Name, email address, phone number, and company information when you sign up or request a demo.
Authentication data: Passwords (encrypted), security questions, and multi-factor authentication details.
Business information: Company size, industry sector, and usage preferences to customize your experience.

Usage and Technical Information

Device data: IP address, browser type, operating system, and device identifiers.
Activity logs: Pages visited, features used, time spent on platform, and interaction patterns.
Performance metrics: Error reports, loading times, and technical diagnostics that help us fix bugs.

Financial and Transaction Data

Payment information: Billing address and payment method details (processed through secure third-party providers).
Subscription data: Plan type, renewal dates, and transaction history.

Communication Records

Support interactions: Emails, chat transcripts, and phone call records when you contact us.
Feedback and surveys: Responses you provide about our tools and services.

How We Use Your Information

We're not in the business of hoarding data. Everything we collect serves a purpose:

Service delivery: To provide access to our financial analysis tools, process your transactions, and maintain your account.
Product improvement: Analyzing usage patterns helps us understand what works and what doesn't.
Customer support: We keep records of our conversations so we can help you effectively.
Security: Monitoring for suspicious activity, preventing fraud, and protecting our systems from threats.
Legal compliance: Meeting obligations under Thai law and international regulations where applicable.
Communication: Sending service updates, security alerts, and occasionally information about new features you might find useful.

Legal Basis for Processing (Thailand PDPA Compliance)

Under Thailand's Personal Data Protection Act (PDPA), we process your data based on:

Consent: When you sign up or opt into communications, you're giving us permission to process your information.

Contract performance: We need certain data to deliver the services you've purchased from us.

Legal obligations: Some processing is required by Thai law, tax regulations, or financial reporting requirements.

Legitimate interests: Improving our services, preventing fraud, and maintaining security — balanced against your privacy rights.

Data Sharing and Third Parties

We don't sell your information. Period. But we do work with partners who help us run our business:

Service Providers

Payment processors: Handle transactions securely on our behalf.
Cloud hosting: Store data in secure facilities with strict access controls.
Analytics providers: Help us understand how our tools are used.
Email services: Send you account notifications and updates.

Legal Requirements

We may disclose information when required by Thai law, court orders, or government authorities. We'll notify you if legally permitted.

Business Transfers

If dev-glow is acquired or merges with another company, your data may transfer as part of that transaction. You'd be notified beforehand.

Your Rights Under Thai Law

Thailand's PDPA gives you significant control over your personal information:

Access: Request a copy of the data we hold about you.
Correction: Update or fix inaccurate information in your account.
Deletion: Ask us to delete your data (with some legal exceptions).
Portability: Receive your data in a structured format to transfer elsewhere.
Objection: Opt out of certain processing activities, like marketing communications.
Restriction: Limit how we use your data in specific circumstances.
Withdraw consent: Change your mind about permissions you've previously granted.

To exercise any of these rights, email us at info@dev-glow.com with your request. We'll respond within 30 days as required by Thai law. You'll need to verify your identity first — this protects you from unauthorized access.

Data Security Measures

Security isn't something we take lightly. Here's what we do to protect your information:

Encryption: Data is encrypted in transit using TLS and at rest using industry-standard protocols.
Access controls: Only authorized personnel can access personal data, and they're bound by confidentiality agreements.
Regular audits: We conduct security assessments and penetration testing throughout the year.
Incident response: A documented plan for handling breaches, including notification procedures as required by Thai law.
Secure development: Our code undergoes security reviews before deployment.

Despite our precautions, no system is completely foolproof. If a breach occurs, we'll notify affected users and Thai authorities within the timeframes required by law.

Data Retention

We don't keep your information forever. Here's our approach:

Active accounts: Data is retained while your subscription is active and for a reasonable period afterward.
Inactive accounts: After 24 months of inactivity, we may delete or anonymize your data unless legal requirements apply.
Financial records: Kept for 7 years to comply with Thai tax and accounting regulations.
Support records: Maintained for 3 years to help with ongoing service issues.
Marketing data: Removed within 30 days of unsubscribing from communications.

You can request earlier deletion by contacting us, subject to our legal obligations.

International Data Transfers

Our primary operations are in Thailand, but some service providers operate servers in other countries. When data leaves Thailand, we ensure:

Transfer mechanisms comply with PDPA requirements
Adequate protection measures are in place
Contracts with providers include data protection obligations
You're informed about where your data is processed

Cookies and Tracking

Our website uses cookies and similar technologies. Some are essential for the site to work, others help us improve:

Essential Cookies

These keep you logged in and remember your preferences. You can't opt out without affecting functionality.

Analytics Cookies

Help us understand how visitors use our site. You can disable these through your browser settings.

Marketing Cookies

Track your visits across websites to show relevant content. These require your consent.

Manage your preferences in your browser settings or contact us for assistance.

Children's Privacy

Our services aren't designed for anyone under 18. We don't knowingly collect information from minors. If you believe we've inadvertently collected such data, contact us immediately and we'll delete it.

Changes to This Policy

We update this policy occasionally to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email or through a prominent notice on our website. The "Effective Date" at the top shows when the current version took effect.

Continued use of our services after changes means you accept the updated policy.

Filing a Complaint

If you're not satisfied with how we've handled your data or privacy concerns, you have the right to file a complaint with Thailand's Personal Data Protection Committee (PDPC). We'd appreciate the chance to address your concerns directly first, but you're entitled to contact regulators at any time.