Privacy Policy
Last Updated: March 15, 2025
At primeglowstation, your privacy matters to us. This policy explains what data we collect, why we need it, and how we protect it. We're committed to handling your information with care and transparency, following both international standards and Thailand's Personal Data Protection Act (PDPA).
1 Information We Collect
When you use our budget risk management services, we gather different types of information. Some you provide directly, while other data comes from how you interact with our platform.
Personal Information You Provide
- Contact Details: Your name, email address, phone number, and business address when you reach out or sign up for our programs
- Professional Information: Job title, company name, industry sector, and work experience relevant to financial management
- Learning Preferences: Course selections, areas of interest, and educational background to personalize your experience
- Financial Data for Training: Sample budget scenarios you create during practice sessions (no actual financial records)
Automatically Collected Data
- Technical Information: IP address, browser type, device information, and operating system
- Usage Patterns: Pages visited, time spent on content, course progress, and interaction with learning materials
- Cookies and Tracking: Session data, preferences, and analytics to improve site performance
2 How We Use Your Data
We're not here to bombard you with ads or sell your info. Everything we collect serves specific purposes related to providing better educational services.
| Purpose | Data Used |
|---|---|
| Course Delivery | Contact info, learning preferences, progress tracking |
| Communication | Email, phone number for course updates and support |
| Service Improvement | Usage patterns, feedback, technical data |
| Legal Compliance | All data as required by Thailand PDPA and tax regulations |
| Platform Security | IP addresses, login attempts, device information |
We will never sell your personal data to third parties. Any information sharing happens only with your consent or when legally required.
3 Data Protection and Security
Security isn't just a checkbox for us. We've put several measures in place to keep your information safe from unauthorized access, loss, or misuse.
- Encryption: All data transmitted between your device and our servers uses TLS encryption protocols
- Access Controls: Only authorized team members can access personal data, and only when necessary for their role
- Regular Audits: We review our security practices quarterly and update systems to address new threats
- Secure Storage: Data centers in Thailand with physical security measures and redundant backups
- Staff Training: Our team receives ongoing education about data protection and privacy best practices
That said, no system is completely bulletproof. While we do our best to protect your data, we can't guarantee absolute security. If you notice anything suspicious with your account, let us know immediately.
4 Your Rights Under Thailand PDPA
Thailand's Personal Data Protection Act gives you several rights regarding your information. Here's what you can do and how to exercise these rights:
- Access Your Data: Request a copy of all personal information we hold about you within 30 days
- Correction Rights: Ask us to fix any inaccurate or incomplete information in your profile
- Deletion Requests: Request removal of your data when it's no longer needed (some legal obligations may require retention)
- Portability: Get your data in a structured, commonly used format to transfer to another service
- Processing Objection: Object to how we process your data for specific purposes
- Withdraw Consent: Revoke permission for data processing at any time (may affect service access)
- Restriction Requests: Limit how we use your information while disputes are resolved
To exercise any of these rights, send us an email with your request. We'll respond within 30 days and may need to verify your identity before processing certain requests.
5 Data Retention and Deletion
We don't keep your data forever. How long we retain information depends on why we collected it and legal requirements.
Retention Periods
- Active Users: Your data stays on our systems as long as you maintain an active account or enrollment
- Course Completion: Learning records kept for 5 years after course completion for certification verification
- Financial Records: Payment and invoice data retained for 7 years per Thailand tax regulations
- Marketing Communications: Contact preferences stored until you unsubscribe or request deletion
- Technical Logs: Server logs and analytics data kept for 12 months, then automatically purged
Deletion Process
When you request account deletion, we'll remove your personal data within 30 days. Some information might stick around longer if required by law (like financial records for tax purposes). You'll receive confirmation once the deletion is complete.
6 Third-Party Services and Sharing
We work with a few trusted partners to run our platform effectively. These companies help with specific tasks but don't get free access to your data.
Service Providers We Use
- Email Services: Cloud-based email delivery for course notifications and updates
- Payment Processors: Secure payment gateways for course enrollment (they handle financial data, not us)
- Analytics Tools: Website analytics to understand how people use our platform (anonymized data only)
- Cloud Hosting: Thailand-based servers for data storage and platform infrastructure
Each provider signs agreements requiring them to protect your data and use it only for specified purposes. We don't share data with advertising networks or data brokers.
If we need to share your information for reasons not covered here, we'll ask for your explicit consent first.
7 Cookies and Tracking Technologies
Like most websites, we use cookies. These small text files help us remember your preferences and understand how you interact with our content.
Types of Cookies We Use
- Essential Cookies: Required for basic site functionality like login sessions and security features
- Preference Cookies: Remember your settings and choices (language, display options)
- Analytics Cookies: Help us understand which pages work well and which need improvement
- Performance Cookies: Track loading times and technical issues to maintain site speed
You can control cookies through your browser settings. Blocking essential cookies might affect how the site functions, but preference and analytics cookies are optional.
8 International Data Transfers
Your data primarily stays in Thailand. However, some service providers might process information in other countries with different privacy laws.
When data leaves Thailand, we ensure adequate protection through:
- Standard contractual clauses approved by data protection authorities
- Verification that recipient countries have adequate privacy protections
- Additional security measures beyond standard requirements
- Regular compliance reviews of international partners
You have the right to ask about international transfers and request that your data stays within Thailand borders (this may limit some platform features).
9 Children's Privacy
Our services focus on professional budget risk management education. We don't knowingly collect data from individuals under 18 years old without parental consent.
If you're under 18 and interested in our programs, please have a parent or guardian contact us. If we discover we've collected data from minors without proper consent, we'll delete it promptly.
10 Changes to This Policy
We update this policy occasionally to reflect service changes or new legal requirements. When significant changes happen, we'll notify you via email and display a notice on the website.
The "Last Updated" date at the top shows when we last revised this document. Continuing to use our services after policy updates means you accept the changes. If you disagree with new terms, contact us to discuss options or request account closure.
11 Data Breach Procedures
Despite our security measures, breaches can happen. If your personal data is compromised, here's what we'll do:
- Notify affected users within 72 hours of discovering the breach
- Report the incident to Thailand's Personal Data Protection Committee as required
- Provide clear information about what data was affected and potential risks
- Offer guidance on protective steps you can take
- Implement additional security measures to prevent future incidents
You won't face any penalties for a breach on our end. We take full responsibility for securing your data and will be transparent about any security incidents.