Privacy Policy
Last Updated: January 15, 2025
At FlashEvolve, we take your privacy seriously. This policy explains how we collect, use, and protect your personal information when you use our financial forecasting and budgeting platform.
We operate in compliance with Thailand's Personal Data Protection Act (PDPA) B.E. 2562 and maintain transparency about our data practices. If you have questions or concerns about how we handle your information, reach out anytime.
Information We Collect
We gather different types of information to provide and improve our services. Here's what we collect and why:
Account Information
When you create an account with FlashEvolve, we collect basic details like your name, email address, phone number, and company information. This helps us set up your account and contact you about important updates or support issues.
Financial Data
Our platform needs access to your financial information to provide forecasting and budgeting services. This includes transaction data, budget figures, revenue projections, and historical financial records you choose to upload. We only collect what's necessary for the platform to function properly.
Usage Information
We track how you interact with our platform — which features you use, how often you log in, and which reports you generate. This helps us understand what's working and what needs improvement.
Technical Data
Like most online services, we automatically collect technical information such as your IP address, browser type, device information, and operating system. This helps us troubleshoot issues and ensure compatibility.
How We Use Your Information
We use your data to deliver our services and improve your experience. Here's a breakdown of our main purposes:
- Providing financial forecasting and budgeting tools that actually work for your business
- Generating accurate reports and insights based on your financial data
- Sending important notifications about your account, including security alerts
- Responding to support requests and helping you solve problems
- Improving our platform features based on how people actually use them
- Detecting and preventing fraud or unauthorized access to your account
- Meeting legal obligations under Thai law and international regulations
Marketing Communications
We might send you updates about new features or helpful content related to financial management. You can opt out of these emails anytime — just click the unsubscribe link at the bottom of any marketing message.
Data Storage and Security
Your financial information is sensitive, and we treat it that way. We use industry-standard security measures to protect your data from unauthorized access, loss, or misuse.
Security Measures
We encrypt your data both in transit and at rest using AES-256 encryption. Our servers are hosted in secure facilities with strict access controls. We also conduct regular security audits and penetration testing to identify potential vulnerabilities before they become problems.
| Data Type | Storage Location | Retention Period |
|---|---|---|
| Account Information | Secure servers in Thailand | Active account + 7 years after closure |
| Financial Data | Encrypted cloud storage | Active account + 3 years |
| Usage Logs | Secure servers in Thailand | 24 months |
| Support Communications | Customer service platform | 3 years from last interaction |
We limit access to your personal information to employees who need it to do their jobs. All team members sign confidentiality agreements and receive training on data protection practices.
Sharing Your Information
We don't sell your personal information to third parties. Ever. But we do share data in specific circumstances:
Service Providers
We work with trusted third-party companies that help us run our platform — payment processors, cloud hosting providers, and customer support tools. These partners only access the data they need to provide their services, and they're bound by confidentiality agreements.
Legal Requirements
Sometimes we're legally required to disclose information — like when we receive a valid court order or need to comply with Thai tax authorities. We'll notify you about such requests unless we're legally prohibited from doing so.
Business Transfers
If FlashEvolve is acquired by another company or merges with one, your information might be transferred as part of that transaction. We'll notify you before this happens and explain any choices you have.
Your Rights Under Thai Law
Thailand's PDPA gives you several rights regarding your personal data. Here's what you can do and how to exercise these rights:
Access Your Data
Request a copy of all personal information we hold about you. We'll provide this within 30 days.
Correct Inaccuracies
Update or correct any incorrect or incomplete personal information in your account.
Delete Your Data
Request deletion of your personal information, subject to legal retention requirements.
Restrict Processing
Limit how we use your data in certain circumstances while maintaining your account.
Data Portability
Receive your data in a structured, machine-readable format to transfer elsewhere.
Withdraw Consent
Revoke permission for data processing activities that require your consent.
How to Exercise Your Rights
Send us an email at [email protected] with your request. We'll verify your identity and respond within 30 days. There's no fee for most requests, but we might charge a reasonable administrative fee for excessive or repetitive requests.
Cookies and Tracking
We use cookies and similar technologies to make our platform work and improve your experience. Here's what you need to know:
Essential Cookies
These are necessary for the platform to function. They remember your login session, security settings, and preferences. You can't disable these without breaking core functionality.
Analytics Cookies
We use these to understand how people use FlashEvolve — which features are popular, where users get stuck, and what we should improve. You can opt out through your browser settings.
Most browsers let you control cookies through their settings. Keep in mind that blocking certain cookies might affect how well the platform works for you.
International Data Transfers
While our primary servers are located in Thailand, some of our service providers operate globally. When we transfer data outside Thailand, we ensure appropriate safeguards are in place through standard contractual clauses or other approved mechanisms.
We only work with providers who maintain adequate data protection standards and commit to protecting your information according to this policy.
Children's Privacy
FlashEvolve isn't designed for children under 15. We don't knowingly collect personal information from anyone under this age. If we discover we've accidentally collected such data, we'll delete it immediately.
If you believe a child has provided us with personal information, contact us right away at [email protected].
Changes to This Policy
We update this privacy policy occasionally to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you by email or through a prominent notice on our platform.
The "Last Updated" date at the top shows when we last revised this policy. We encourage you to review it periodically to stay informed about how we protect your information.
Data Breach Notification
If a security breach affects your personal information, we'll notify you within 72 hours as required by Thai law. We'll explain what happened, what data was affected, and what steps we're taking to address the situation.
We'll also notify the Thai Personal Data Protection Committee when required by law.
Questions About Your Privacy?
If you have concerns about how we handle your data or want to exercise your rights, we're here to help.