Privacy Policy

Introduction

Garuda Nexus is committed to protecting the privacy of individuals who interact with our consulting services. This privacy policy explains how we collect, use, store, and protect personal information in accordance with Thai data protection laws and international standards.

If you have questions about this policy or how we handle your information, please contact us at [email protected].

Information We Collect

Personal Information

We collect the following types of personal information when you contact us or engage our services:

• Name and contact details (email address, phone number)
• Company name and position
• Communication preferences
• Information you provide in inquiries or during consultations
• Business information relevant to potential engagements

Technical Information

When you visit our website, we may automatically collect:

• IP address and geographic location
• Browser type and version
• Pages visited and time spent on site
• Referring website or source
• Device information

Cookies and Similar Technologies

We use cookies and similar technologies to improve your experience on our website. For detailed information about our cookie usage, please see our Cookie Policy.

How We Use Your Information

We use personal information for the following purposes:

Service Delivery

• Responding to inquiries and consultation requests
• Providing consulting services as outlined in engagement agreements
• Communicating about project progress and deliverables
• Processing payments and maintaining financial records

Business Operations

• Maintaining client relationships and providing support
• Improving our services and website functionality
• Analyzing service usage and client satisfaction
• Complying with legal and regulatory requirements

Communications

• Sending service-related updates and important notices
• Responding to requests or questions
• Sharing relevant information about our services (with your consent)

Legal Basis for Processing

We process personal information based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill consulting services you have requested
• Legitimate Interests: Processing necessary for our business operations, provided it does not override your privacy rights
• Legal Obligation: Processing required to comply with Thai laws and regulations
• Consent: Where you have explicitly agreed to specific processing activities

Data Sharing and Disclosure

Third-Party Service Providers

We may share information with trusted service providers who assist with:

• Website hosting and technical infrastructure
• Email communication services
• Payment processing
• Analytics and performance monitoring

These providers are contractually obligated to protect your information and use it only for specified purposes.

Legal Requirements

We may disclose information when required by law, such as:

• Responding to legal processes or government requests
• Protecting our rights, property, or safety
• Investigating potential violations of our terms
• Complying with regulatory obligations

Data Security

We implement appropriate technical and organizational measures to protect personal information, including:

• Encryption of data in transit and at rest
• Secure server infrastructure and access controls
• Regular security assessments and updates
• Staff training on data protection practices
• Incident response procedures

While we take reasonable precautions, no data transmission over the internet or storage system can be completely secure. We encourage you to also take steps to protect your information.

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Specific retention periods include:

• Client Engagement Records: 7 years after engagement completion for legal and tax purposes
• Inquiry Information: 2 years after last contact, unless you request earlier deletion
• Marketing Communications: Until you withdraw consent
• Website Analytics: Up to 26 months

After the retention period expires, we securely delete or anonymize personal information.

Your Rights

Under Thai data protection law, you have the following rights regarding your personal information:

Access and Information

• Request confirmation of what personal information we hold about you
• Obtain a copy of your personal information
• Request details about how we process your information

Correction and Deletion

• Request correction of inaccurate or incomplete information
• Request deletion of your personal information (subject to legal retention requirements)
• Request restriction of processing in certain circumstances

Data Portability and Objection

• Receive your personal information in a structured, commonly used format
• Object to processing based on legitimate interests
• Withdraw consent where processing is based on consent

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

International Data Transfers

Your personal information may be transferred to and processed in countries outside Thailand, including through our use of third-party service providers. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by data protection authorities
• Adequacy decisions recognizing equivalent data protection standards
• Certification schemes demonstrating compliance with privacy principles

Children's Privacy

Our services are intended for businesses and professionals. We do not knowingly collect personal information from individuals under 18 years of age. If we become aware that we have collected information from someone under 18, we will take steps to delete it promptly.

Changes to This Policy

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we will notify you by:

• Posting the updated policy on our website
• Updating the "Last Updated" date at the top of this page
• Sending email notification to active clients when changes materially affect their rights

We encourage you to review this policy periodically to stay informed about how we protect your information.

Contact Information

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us: