We take your privacy seriously. This policy explains what data we collect when you visit sparkbeams.com or use our business budget services, why we need it, and what we do with it.
SparkBeams operates under Thai data protection regulations, including the Personal Data Protection Act B.E. 2562 (2019). We've structured our practices to comply with both local requirements and international privacy standards.
Last updated: January 2025
What Information We Collect
When you interact with our platform, we gather different types of information depending on how you use our services.
Information You Provide Directly
This includes data you give us when creating an account, contacting our team, or using our budget planning tools:
- Name and contact details (email address, phone number)
- Business information (company name, industry, size)
- Financial data you input into our budgeting tools
- Payment information when purchasing premium services
- Messages you send through our contact forms or support channels
Information Collected Automatically
Our systems collect certain technical data when you visit our site:
- IP address and general location (city-level, not precise coordinates)
- Browser type, operating system, and device information
- Pages you visit and features you use
- Time and date of your visits
- Referring website if you clicked a link to reach us
How We Use Your Data
We don't collect information just to have it. Here's what we actually do with the data we gather:
| Purpose |
Data Used |
| Provide budget planning services |
Account details, financial inputs, usage patterns |
| Process payments |
Payment information, billing address |
| Send service updates |
Email address, notification preferences |
| Improve our platform |
Usage data, feedback, technical logs |
| Respond to inquiries |
Contact information, message content |
| Comply with legal obligations |
All relevant data as required by Thai law |
We won't use your financial data for marketing purposes. The budget information you enter stays within your account and isn't shared with third parties except as described in this policy.
Data Sharing and Third Parties
We keep your information within our organization wherever possible. But there are times when we need to share data with specific partners:
Service Providers
We work with companies that help us run our platform. These include cloud hosting providers, payment processors, and email delivery services. They only access data necessary for their specific function and are contractually bound to protect it.
Legal Requirements
Thai authorities may require us to disclose information in certain situations - responding to court orders, investigating fraud, or complying with tax regulations. We'll notify you about such requests unless legally prohibited from doing so.
Business Transfers
If SparkBeams merges with another company or gets acquired, your data would transfer to the new entity. You'd receive advance notice about any such change and how it affects your information.
What We Don't Do
We don't sell your personal information to advertisers or data brokers. We don't share your financial data with marketing companies. We don't use your budget details for purposes beyond providing you service.
Your Rights Under Thai Law
Thailand's Personal Data Protection Act gives you specific rights over your information. Here's what you can do:
Access and Portability
You can request a copy of all personal data we hold about you. We'll provide this in a commonly used electronic format within 30 days. If you want to transfer this data to another service, we'll help make that happen.
Correction and Deletion
Found incorrect information in your account? Let us know and we'll fix it. Want to delete your data entirely? You can request full account deletion, and we'll remove your information within 45 days unless we're legally required to keep certain records.
Objection and Restriction
You can object to certain types of data processing or ask us to limit how we use your information. For example, you might want to stop receiving marketing emails while keeping your account active.
Withdrawal of Consent
Where we process data based on your consent, you can withdraw that consent anytime. This won't affect any processing that happened before you withdrew consent.
To exercise these rights, contact us at [email protected] with "Privacy Request" in the subject line. We'll verify your identity before processing any request.
Data Security Measures
Protecting your information isn't just about following regulations - it's about maintaining the trust you place in us when sharing business-sensitive data.
Technical Protections
- All data transmitted between your browser and our servers uses TLS encryption
- Financial information is encrypted at rest using industry-standard algorithms
- Our databases sit behind firewalls with restricted access
- We conduct regular security audits and vulnerability assessments
- Multi-factor authentication protects staff access to systems
Organizational Measures
Only employees who need access to perform their jobs can view personal data. Our team receives regular training on data protection practices. We maintain detailed access logs to track who views what information.
Despite these precautions, no system is completely secure. If we discover a data breach that affects your information, we'll notify you within 72 hours and explain what happened and what steps we're taking.
Data Retention and Deletion
We don't keep your data longer than necessary. How long we retain information depends on its type and purpose:
Active Account Data
While your account remains active, we keep all associated data so you can access your budget plans and historical information. This includes financial data you've input and all account details.
Inactive Accounts
If you don't log in for 24 months, we'll send a reminder email. Without response, we'll delete your account and associated data after another 3 months. You can request earlier deletion anytime.
Legal and Accounting Records
Thai tax law requires us to keep financial transaction records for 5 years. This includes payment information and invoices. After this period, we securely delete these records.
Technical Logs
Server logs and usage data typically get deleted after 12 months. We may retain anonymized, aggregated data longer for analytical purposes.
International Data Transfers
Our primary servers are located in Thailand, but some service providers operate globally. This means your data might occasionally be processed outside Thailand.
When we transfer data internationally, we use standard contractual clauses approved by Thai authorities. These create legal obligations for foreign processors to maintain protection levels equivalent to Thai law.
Our payment processor, for example, operates servers in Singapore. Customer support tools might store messages on servers in the United States. In each case, we've verified these partners maintain adequate security standards.
Cookies and Tracking
Like most websites, we use cookies - small text files stored on your device that help our site function properly.
Essential Cookies
These keep you logged in and remember your preferences. You can't disable these without breaking core functionality.
Analytics Cookies
We use these to understand how people use our site - which features get used most, where people get stuck, what needs improvement. You can opt out of analytics tracking in your account settings.
We don't use advertising cookies or tracking pixels from social media platforms. We don't build profiles to target you with ads elsewhere on the internet.
Changes to This Policy
Privacy practices evolve alongside technology and regulations. When we update this policy, we'll post the revised version here with a new "last updated" date.
For minor changes - fixing typos, clarifying existing practices - we'll just update the document. For significant changes that affect how we handle your data, we'll email all active users at least 30 days before the changes take effect.
Continuing to use SparkBeams after changes take effect means you accept the updated terms. If you don't agree with changes, you can delete your account before they become active.
