Privacy Policy
Last Updated: March 15, 2025
At CloudXConnecto, we take your privacy seriously. This policy explains what data we collect when you use our financial analysis platform, why we need it, and what we do with it. We operate in Thailand and follow local data protection requirements under the Personal Data Protection Act (PDPA).
Information We Collect
When you sign up for our courses or browse our website, we gather different types of information. Some you give us directly, other pieces we collect automatically.
Information You Provide
- Your name, email address, and phone number when registering for programs
- Payment details when enrolling in paid courses (processed through secure third-party systems)
- Professional background and learning goals you share during onboarding
- Questions or feedback you submit through contact forms or support channels
- Course progress data and assignment submissions
Automatically Collected Data
- Device information including browser type, operating system, and screen resolution
- IP address and approximate location (city level only)
- Pages you visit on our site and how long you spend there
- Links you click and resources you download
- Login times and session duration
How We Use Your Information
We're not in the business of selling your data. Everything we collect serves a specific purpose related to providing better financial education.
| Purpose | What This Means |
|---|---|
| Course Delivery | Giving you access to learning materials, tracking progress, issuing certificates |
| Communication | Sending enrollment confirmations, schedule updates, and responding to inquiries |
| Platform Improvement | Understanding which topics interest students, fixing technical issues, enhancing user experience |
| Payment Processing | Handling transactions securely and maintaining financial records as required by law |
| Legal Compliance | Meeting obligations under Thai regulations and protecting against fraud |
Marketing Note: We may send you information about upcoming courses or new content, but only if you've agreed to receive these messages. You can opt out anytime through the unsubscribe link in emails.
Data Sharing and Third Parties
We work with a few external partners who help us run the platform. They only get access to data necessary for their specific functions.
Service Providers We Use
- Payment processors for handling transactions (they never share full card details with us)
- Email service providers for course communications
- Cloud hosting companies for storing course materials and platform data
- Analytics tools for understanding website usage patterns
- Customer support software for managing inquiries
All these partners are contractually required to protect your information and can't use it for their own purposes. We don't sell, rent, or trade your personal data to third parties for marketing purposes.
Legal Disclosures
In rare cases, we might need to share information if required by Thai law enforcement, court orders, or to protect our legal rights. We'll always try to notify you unless legally prevented from doing so.
Your Rights Under Thai PDPA
Thailand's Personal Data Protection Act gives you significant control over your information. Here's what you can do:
- Access: Request a copy of all personal data we hold about you
- Correction: Update or fix inaccurate information in your account
- Deletion: Ask us to delete your data (with some exceptions for legal or contractual obligations)
- Portability: Get your data in a machine-readable format to transfer elsewhere
- Objection: Oppose certain types of data processing, particularly for marketing purposes
- Restriction: Limit how we use your data in specific situations
- Withdrawal: Revoke consent you previously gave (though this won't affect processing done before withdrawal)
How to Exercise These Rights: Send an email to [email protected] with your request. We'll respond within 30 days as required by PDPA. You may need to verify your identity before we can process certain requests.
Data Security Measures
We use industry-standard security practices to protect your information, but no system is completely foolproof. Here's what we do:
- Encryption for data transmission using SSL/TLS protocols
- Secure servers located in reputable data centers with physical security
- Access controls limiting who on our team can view personal data
- Regular security audits and vulnerability assessments
- Secure backup systems for data recovery
- Employee training on data protection and privacy practices
Despite these precautions, internet transmission isn't 100% secure. While we do our best to protect your data, we can't guarantee absolute security. Use strong passwords and don't share your login credentials with anyone.
Data Retention Periods
We don't keep your data forever. Different types of information have different retention schedules based on legal requirements and business needs.
| Data Type | Retention Period |
|---|---|
| Account Information | Duration of account activity plus 2 years after account closure |
| Course Progress Data | 5 years from course completion for certification verification |
| Payment Records | 7 years as required by Thai tax and accounting regulations |
| Marketing Communications | Until you unsubscribe, then deleted within 30 days |
| Website Analytics | 26 months from collection date |
| Support Inquiries | 3 years from last interaction |
After these periods, we securely delete or anonymize your data. You can request earlier deletion by contacting us, though some information must be retained for legal compliance.
International Data Transfers
Our primary servers are located in Thailand, but some of our service providers operate internationally. When data moves outside Thailand, we make sure it's protected through:
- Standard contractual clauses approved by data protection authorities
- Transfers only to countries with adequate data protection standards
- Additional security measures during international transmission
- Regular audits of our international partners' security practices
We only work with providers who maintain strong data protection standards comparable to Thai PDPA requirements.
Cookies and Tracking Technologies
Our website uses cookies and similar technologies to improve your experience and understand how the platform is used.
Types of Cookies We Use
- Essential Cookies: Required for basic site functionality like login sessions and security
- Performance Cookies: Help us understand which pages are popular and how visitors navigate the site
- Functionality Cookies: Remember your preferences like language settings
- Analytics Cookies: Provide insights into user behavior to improve our content
Most browsers allow you to control cookies through settings. Blocking certain cookies might affect site functionality. Our platform respects Do Not Track signals where technically feasible.
Children's Privacy
Our platform is designed for adults pursuing professional development in financial analysis. We don't knowingly collect information from anyone under 18 years old. If you believe we've inadvertently collected data from a minor, contact us immediately and we'll delete it promptly.
Changes to This Policy
We review and update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you through email or a prominent notice on the website at least 30 days before new terms take effect.
Minor updates like clarifications or formatting changes might not trigger notifications. Check the "Last Updated" date at the top to see when we last revised this policy.
Continuing to use our services after policy changes means you accept the updated terms. If you disagree with changes, you can close your account before they take effect.
Filing a Complaint
If you believe we've mishandled your personal data or violated your privacy rights, please contact us first so we can address your concerns. If you're not satisfied with our response, you have the right to file a complaint with Thailand's Personal Data Protection Committee.
Personal Data Protection Committee Contact: You can reach the PDPC through their official channels to report data protection concerns. We're committed to cooperating fully with regulatory authorities.