Privacy Policy

1. Introduction

kinetras ("we," "us," "our") is committed to protecting the privacy and personal data of our clients, website visitors, and anyone who interacts with our services. This Privacy Policy describes what information we collect, how we use it, and the rights you have regarding your data.

This policy applies to all personal data collected through our website (https://kinetras.cyou), our contact forms, email correspondence, and during the course of consulting engagements. Our registered address is 29/6 Tha Phae Road, Mueang, Chiang Mai 50100, Thailand.

For any questions about this policy, please contact us at [email protected].

2. Data We Collect

We may collect the following types of personal data:

Information you provide directly: Your name, email address, phone number, and any message content submitted through our contact form or via email. If you engage our services, we may also collect business details such as your organization name, role, and project-related information.

Information collected through technology: When you visit our website, we may collect your IP address, browser type, operating system, referring URLs, pages visited, and time spent on our site. This is gathered through cookies and similar technologies as described in our Cookie Policy.

Third-party sources: We may receive information from analytics services such as Google Analytics, which provides aggregated data about website usage patterns.

3. Legal Basis for Processing

We process personal data under the following legal bases, in accordance with Thailand's Personal Data Protection Act (PDPA):

Consent: When you submit a contact form or subscribe to communications, you consent to the processing of the data you provide for the stated purpose.

Contractual necessity: When you engage our consulting services, processing your data is necessary to fulfill the terms of our agreement.

Legitimate interest: We may process data for purposes such as improving our website, understanding how visitors use our services, and ensuring network security — where these interests do not override your privacy rights.

4. How We Use Your Data

We use collected data to respond to your inquiries and provide requested information, deliver and manage consulting engagements, improve our website and services based on usage patterns, send communications you have opted into, comply with legal and regulatory requirements, and maintain the security of our systems and data.

We do not sell personal data to third parties. We may share data with service providers who assist in operating our website (e.g., hosting providers, analytics services), but only to the extent necessary and under appropriate data protection agreements.

5. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy. Contact form submissions are kept for up to 24 months. Client engagement data is retained for the duration of the project plus 36 months for follow-up and legal compliance purposes. Website analytics data is retained in aggregated form for up to 26 months.

When data is no longer needed, it is securely deleted or anonymized.

6. Data Protection Measures

We take appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These include encrypted data transmission (TLS/SSL), access controls limiting data access to authorized personnel, secure storage with regular backups, regular review of our security practices, and non-disclosure agreements with all team members and contractors.

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant authorities and affected individuals in accordance with PDPA requirements.

7. Cookies

Our website uses cookies and similar technologies to enhance your browsing experience and gather usage information. For detailed information about the types of cookies we use, their purposes, and how to manage your preferences, please see our Cookie Policy.

8. Your Rights

Under Thailand's PDPA, you have the right to access the personal data we hold about you, request correction of inaccurate or incomplete data, request deletion of your personal data where there is no compelling reason for continued processing, withdraw consent at any time where processing is based on consent, object to processing based on legitimate interest, and request portability of your data in a commonly used format.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days. If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Personal Data Protection Committee of Thailand.

9. Third-Party Links

Our website may contain links to external websites or services that are not operated by kinetras. We are not responsible for the privacy practices of these third parties and encourage you to review their privacy policies before providing any personal data.

10. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a minor has provided us with personal data, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. Any updates will be posted on this page with a revised "Last Updated" date. We encourage you to review this policy periodically. Continued use of our website or services after changes constitutes acceptance of the updated policy.

12. Contact Information

Data Controller: kinetras

Address: 29/6 Tha Phae Road, Mueang, Chiang Mai 50100, Thailand

Email: [email protected]

Phone: +66 53 271 548