Privacy Policy

Introduction

Stratarc ("we," "our," or "us") is committed to protecting the privacy and confidentiality of personal information provided by individuals who interact with our business consulting services. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with Thailand's Personal Data Protection Act (PDPA) and international data protection standards.

By using our website, engaging our services, or providing us with your personal information, you acknowledge that you have read and understood this Privacy Policy. If you have questions or concerns about how we handle your data, please contact us at [email protected].

Information We Collect

We collect personal information through various channels when you interact with our consulting services:

Contact and Inquiry Information

When you submit contact forms, request consultations, or communicate with us via email or phone, we collect your name, email address, phone number, company name, and any information you choose to provide in your message or inquiry.

Service Engagement Data

When you engage our consulting services, we collect business contact information, organizational details, operational data relevant to the consulting engagement, and payment information necessary for invoicing and transaction processing.

Website Usage Information

Our website uses cookies and similar technologies to collect information about your browsing behavior, including IP address, browser type and version, device information, pages visited and time spent on pages, and referring website addresses. For detailed information about our cookie practices, please review our Cookie Policy.

Analytics Data

We use third-party analytics services (such as Google Analytics) to understand how visitors interact with our website. These services collect aggregated, anonymized data about website traffic and user behavior.

How We Use Your Information

We process your personal data only for specific, legitimate purposes:

Service Delivery

Responding to your inquiries and consultation requests, delivering contracted consulting services, communicating about project status and deliverables, and invoicing and payment processing.

Legitimate Business Interests

Improving our services based on feedback and usage patterns, conducting internal business analysis and planning, maintaining client relationship management systems, and protecting our legal rights and business interests.

Marketing Communications (With Consent)

Sending newsletters, case studies, or relevant industry insights (only if you have opted in to receive such communications). You may withdraw consent and unsubscribe at any time through links provided in our communications.

Legal Compliance

Complying with legal obligations, responding to lawful requests from government authorities, and protecting against legal liability or fraudulent activity.

Legal Basis for Processing

Under Thailand's PDPA, we process your personal data based on the following legal grounds:

• •Consent: When you explicitly agree to our collection and use of your personal data for specified purposes.
• •Contract Performance: When processing is necessary to fulfill our consulting services agreement with you.
• •Legitimate Interest: When we have a legitimate business interest that does not override your fundamental rights and freedoms.
• •Legal Obligation: When required to comply with Thai law or other applicable regulations.

Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your data only in the following limited circumstances:

Service Providers

We engage third-party service providers to support our business operations, including payment processors for invoicing, email service providers for communications, web hosting and analytics services, and cloud storage providers. These providers are contractually obligated to protect your data and use it only for specified purposes.

Legal Requirements

We may disclose personal information when required by Thai law, court order, or government regulation, or when necessary to protect our legal rights, prevent fraud, or ensure safety.

Business Transfers

In the event of a merger, acquisition, or sale of business assets, personal data may be transferred to the acquiring entity, subject to equivalent privacy protections.

Data Security Measures

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction:

• •Encryption: Sensitive data is encrypted both in transit (using SSL/TLS protocols) and at rest.
• •Access Controls: Personal data is accessible only to authorized personnel who require it for legitimate business purposes.
• •Secure Storage: Data is stored on secure servers with regular backups and disaster recovery procedures.
• •Regular Audits: We conduct periodic security assessments to identify and address potential vulnerabilities.
• •Employee Training: Our team receives regular training on data protection principles and security practices.

While we take reasonable precautions to protect your data, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but commit to promptly notifying affected individuals of any data breaches as required by law.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law:

• •Contact Inquiries: We retain inquiry data for up to 2 years from the date of last contact, unless you request earlier deletion.
• •Service Engagement Records: Client data related to completed consulting engagements is retained for 7 years to comply with Thai business record-keeping requirements and potential legal obligations.
• •Financial Records: Payment and invoicing information is retained for 7 years in accordance with Thai tax and accounting regulations.
• •Marketing Communications: If you have consented to receive marketing communications, we retain your contact information until you withdraw consent.

When personal data is no longer required, we securely delete or anonymize it in accordance with our data retention schedule and applicable legal requirements.

Your Privacy Rights

Under Thailand's PDPA, you have the following rights regarding your personal data:

Right of Access

You may request confirmation of whether we process your personal data and obtain a copy of such data.

Right to Rectification

You may request correction of inaccurate or incomplete personal data.

Right to Erasure

You may request deletion of your personal data, subject to legal retention obligations.

Right to Data Portability

You may request to receive your personal data in a structured, commonly used format and have it transmitted to another data controller.

Right to Object

You may object to processing of your personal data for direct marketing purposes or based on legitimate interests.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw that consent at any time.

Right to Complain

You have the right to lodge a complaint with the Thailand Personal Data Protection Committee if you believe we have violated your privacy rights.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days as required by the PDPA.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and analyze website usage. For comprehensive information about the types of cookies we use, their purposes, and how to manage your cookie preferences, please refer to our Cookie Policy.

Third-Party Links

Our website may contain links to third-party websites, services, or resources. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit. This Privacy Policy applies only to information collected through our own website and business operations.

Children's Privacy

Our consulting services are intended for business professionals and organizations. We do not knowingly collect personal information from individuals under 18 years of age. If we become aware that we have inadvertently collected data from a minor, we will promptly delete such information from our systems.

International Data Transfers

While our primary operations are based in Thailand, some of our service providers may process data outside of Thailand. When we transfer personal data internationally, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions, to protect your information in accordance with applicable data protection laws.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will update the "Last Updated" date at the top of this policy and, where appropriate, provide additional notice through our website or direct communication. We encourage you to review this Privacy Policy regularly to stay informed about how we protect your personal information.

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us: