Interpretation

Capitalized terms have meanings defined under the following conditions. These definitions apply whether terms appear in singular or plural.

Definitions

• Account: A unique account created to access our Service or specific features.
• Affiliate: An entity that controls, is controlled by, or is under common control with us, where "control" means ownership of 50% or more of shares, equity, or voting rights.
• Company: Refers to Nightwing Digital Solutions Co., Ltd., registered at 46/479 Soi 4 Vibhavadi-Rangsit Rd., Prachauthit 12, Don Muang, 10210 Bangkok, Thailand.
• Cookies: Small text files placed on your device by a website to track activity, preferences, and login details.
• Country: Thailand (primary jurisdiction), with adherence to GDPR for EU users.
• Data Controller: The entity determining the purposes and means of processing Personal Data.
• Device: Any device (computer, phone, tablet) used to access the Service.
• GDPR: EU General Data Protection Regulation (Regulation (EU) 2016/679).
• Personal Data: Any information relating to an identified or identifiable individual.
• Service: Our website and related digital solutions.
• Service Provider: Third parties processing data on our behalf.
• Usage Data: Automatically collected information about Service use.

Personal Data

• Contact Information: Name, email address, phone number.
• Business Details: Company name, job title, industry.
• Account Credentials: Username, password (if registered).
• Technical Data: IP address, device type, browser version.
• Usage Data: Pages visited, session duration, clickstream patterns.

Usage Data

• Device identifiers, operating system, referral URLs
• Geolocation data (approximate, derived from IP address)
• Interactions with emails (e.g., opens, clicks)

Mobile Device Data

• Mobile device ID
• Operating system
• Mobile network data

We process your data for the following purposes:

• Service Delivery:
  • To create/manage your Account
  • To provide customer support
  • To fulfill contracts
  • To send transactional communications
• Legal Compliance:
  • To comply with Thai laws
  • To meet tax regulations
  • To respond to legal proceedings
• Marketing:
  • To send promotional emails (opt-out available)
  • To notify about new products or events
• Business Operations:
  • To conduct audits
  • To analyze trends
  • To improve user experience
• Security:
  • To detect and prevent fraud
  • To prevent Service misuse
  • To protect against security breaches

We use the following types of cookies:

• Essential Cookies: Necessary for core functionality (e.g., user authentication, fraud prevention).
• Analytics Cookies: To analyze traffic (e.g., Google Analytics, Hotjar).
• Preference Cookies: To remember settings (e.g., language, time zone).
• Marketing Cookies: To deliver targeted ads (enabled only with consent).

You may disable cookies via browser settings, but this may limit Service functionality.

• Consent: For marketing or non-essential cookies.
• Contractual Necessity: To fulfill service agreements.
• Legal Obligations: To comply with Thai or international laws.
• Legitimate Interests: To improve services, prevent fraud, or protect rights.

We may share your data with:

• Service Providers: Payment processors (e.g., Stripe), IT vendors (e.g., AWS), analytics providers.
• Affiliates: Subsidiaries or joint ventures under confidentiality agreements.
• Legal Authorities: In response to court orders, government requests, or to protect public safety.
• Business Partners: To offer co-branded services (e.g., software integrations).

Your data may be transferred to and processed in countries outside Thailand (e.g., EU, US). We ensure safeguards through:

• GDPR Compliance: Using Standard Contractual Clauses (SCCs) for EU transfers.
• PDPA Compliance: Verifying recipients provide adequate protection.
• Security Measures: Implementing appropriate technical safeguards.

We retain Personal Data:

• Active Use: For the duration of your Account or business relationship.
• Legal Requirements: Up to 10 years for tax records under Thai law.
• Usage Data: 12–24 months for analytics, unless required longer for security.

Under PDPA and GDPR, you have the following rights:

• Access/Portability: Request a copy of your data in a machine-readable format.
• Correction: Update inaccurate or incomplete information.
• Erasure: Request deletion of data (e.g., after Account closure).
• Object/Restrict: Object to processing for direct marketing or legitimate interests.
• Withdraw Consent: Revoke consent for cookies or communications.

To exercise these rights, contact us at info@nightwingdigital.co. We respond within 30 days.

We implement:

• Encryption: SSL/TLS for data in transit.
• Access Controls: Role-based permissions for staff.
• Audits: Regular vulnerability assessments and penetration testing.
• Monitoring: 24/7 security monitoring and incident response.
• Data Backups: Regular secure backups with encryption.

Our Service does not target individuals under 20 years (Thailand's age of majority). If we inadvertently collect data from minors, we will delete it promptly. Parents or guardians who believe we may have collected personal information from a minor should contact us immediately.

We will notify you of material changes to this policy via email or a website banner. Continued use after updates constitutes acceptance of the modified terms. We encourage you to review this policy periodically.