Privacy Policy

Your privacy matters to us. Learn how we collect, use, and protect your personal information when you use DigitalFlashSpot services.

Information We Collect

At DigitalFlashSpot, we collect information to provide you with better budgeting tools and financial management services. The types of information we gather include:

Personal Information: Name, email address, phone number, and mailing address when you create an account or contact us

Financial Data: Budget categories, spending patterns, income information, and financial goals you input into our platform

Usage Information: How you interact with our platform, features you use most, and time spent on different sections

Device Information: IP address, browser type, operating system, and device identifiers for security and optimization purposes

Communication Records: Messages, support tickets, and feedback you send to our team

How We Use Your Information

We process your personal data for several legitimate business purposes that help us serve you better:

Purpose	Data Used	Legal Basis
Account Management	Personal information, contact details	Contract performance
Service Delivery	Financial data, usage patterns	Contract performance
Customer Support	Communication records, account data	Legitimate interest
Platform Improvement	Usage analytics, feedback	Legitimate interest
Security Monitoring	Device information, access logs	Legitimate interest

We also use aggregated, anonymized data to understand user trends and improve our budgeting algorithms. This helps us create better financial tools without compromising individual privacy.

Data Sharing and Disclosure

DigitalFlashSpot takes a conservative approach to data sharing. We never sell your personal information to third parties, and we only share data in these specific circumstances:

Service Providers: We work with trusted partners who help us operate our platform, such as cloud hosting services, payment processors, and customer support tools. These partners are bound by strict confidentiality agreements and can only use your data for the specific services they provide to us.

Legal Compliance: When required by law, court order, or government regulation

Business Transfers: In the event of a merger, acquisition, or sale of company assets

Security Threats: To protect against fraud, security breaches, or other harmful activities

Consent: When you explicitly give us permission to share information with specific third parties

Your Privacy Rights

Under Thailand's Personal Data Protection Act (PDPA) and international privacy standards, you have several important rights regarding your personal information:

Right to Access: Request copies of your personal data we hold and information about how we process it

Right to Rectification: Correct inaccurate or incomplete personal information in your account

Right to Erasure: Request deletion of your personal data, subject to legal retention requirements

Right to Portability: Export your data in a structured, machine-readable format

Right to Object: Opt out of certain processing activities, particularly for marketing purposes

Right to Restrict: Limit how we process your data while disputes are being resolved

To exercise these rights, contact our privacy team using the information provided at the bottom of this policy. We'll respond to your request within 30 days and verify your identity before processing any changes.

Data Security Measures

Protecting your financial information is our top priority. We implement multiple layers of security to safeguard your data:

Encryption: All data is encrypted both in transit and at rest using industry-standard AES-256 encryption

Access Controls: Strict employee access policies with role-based permissions and regular access reviews

Regular Audits: Quarterly security assessments and penetration testing by independent security firms

Secure Infrastructure: Our servers are hosted in certified data centers with physical security measures

Incident Response: 24/7 monitoring and established protocols for addressing security incidents

Important Note: While we implement robust security measures, no system is completely immune to threats. We recommend using strong, unique passwords and enabling two-factor authentication when available to further protect your account.

Data Retention and Deletion

We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by applicable laws. Here's our general retention framework:

Active Accounts: Personal and financial data retained while your account remains active

Inactive Accounts: After 24 months of inactivity, we begin the account deletion process

Financial Records: Certain transaction data may be retained for up to 7 years for tax and regulatory compliance

Communication Records: Support tickets and communications retained for 3 years for quality assurance

Marketing Data: Contact information for marketing purposes deleted within 60 days of opt-out requests

When we delete your data, we ensure it's completely removed from our active systems. Some information may remain in backup systems for up to 90 days before being permanently destroyed.

International Data Transfers

DigitalFlashSpot operates primarily in Thailand, but we may transfer your data to other countries for processing or storage. When we do this, we ensure adequate protection through:

Contractual safeguards that meet or exceed Thailand PDPA requirements

Selecting service providers in countries with adequate privacy protection laws

Implementing technical measures to protect data during international transfers

Regular compliance audits of international data processing partners

Cookies and Tracking Technologies

We use cookies and similar technologies to improve your experience on our platform. These include:

Essential Cookies: Required for basic platform functionality and security

Analytics Cookies: Help us understand how users interact with our platform

Preference Cookies: Remember your settings and customization choices

Performance Cookies: Optimize loading times and platform responsiveness

You can control cookie settings through your browser preferences, though disabling certain cookies may limit platform functionality.

Children's Privacy

DigitalFlashSpot is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover that we have collected information from someone under 18, we will delete that information immediately and terminate the associated account.

Policy Updates

We may update this privacy policy periodically to reflect changes in our practices, services, or applicable laws. When we make significant changes, we'll notify you through:

Email notifications to your registered address

Prominent notices on our platform dashboard

Updates to the "last modified" date on this policy

We encourage you to review this policy regularly to stay informed about how we protect your privacy.

Privacy Questions and Contacts

If you have questions about this privacy policy or want to exercise your privacy rights, contact our Data Protection Officer:

Email: info@digitalflashspot.com

Address: ถนนเพชรเกษม, ตำบลหน้าเมือง อำเภอเมือง จังหวัดราชบุรี, 70000 Thailand

Phone: +6638285371

Last updated: January 15, 2025