Privacy Policy

1. Information We Collect

When you use sparklydevcore.com, we gather different types of information depending on how you interact with our platform.

Information You Provide Directly

This includes data you give us when signing up or using our services:

• Account Details: Name, email address, phone number, company name, job title
• Professional Information: Current role in finance, years of experience, areas of interest in corporate finance
• Payment Information: Credit card details (processed through secure third-party providers), billing address, transaction history
• Learning Progress: Course completions, quiz results, assignment submissions, certification achievements
• Communication Records: Messages sent through our contact forms, support tickets, email correspondence

Information Collected Automatically

Our systems gather technical data as you navigate the platform:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages viewed, time spent on sections, click patterns, search queries within the platform
• Session Information: Login times, session duration, navigation paths through course materials
• Location Data: General geographic location based on IP address (not precise GPS tracking)

Information From Third Parties

Sometimes we receive data from external sources:

• Professional Networks: LinkedIn profile data if you choose to connect your account
• Payment Processors: Transaction confirmations and payment status updates
• Analytics Providers: Aggregated usage patterns and performance metrics

2. How We Use Your Information

Every piece of data we collect serves specific purposes tied to delivering and improving our financial education services.

Core Service Delivery

We use your information to provide the education platform you signed up for. This means creating your account, processing payments, tracking your learning progress, issuing certificates when you complete programs, and providing technical support when something goes wrong.

Platform Improvement

Usage data helps us understand which course materials work well and which need revision. If analysts consistently struggle with a particular module on cash flow modeling, we'll redesign it. When we see strong engagement with case studies on emerging markets, we create more of that content.

Communication

We send transactional emails about your account, upcoming courses, and program updates. You'll also receive educational content relevant to your interests, though you can opt out of these at any time while still receiving essential account notifications.

Legal Compliance

Sometimes we're required to process data for legal reasons, like maintaining tax records, responding to valid legal requests, or preventing fraud. We maintain records as required under Thai commercial law.

3. Data Sharing and Third Parties

We share your information only when necessary to operate the platform or when legally required.

Service Providers

Third-party companies help us run sparklydevcore:

• Payment Processors: Handle credit card transactions securely (we never store complete card numbers on our servers)
• Cloud Hosting: Store course content and user data on secure servers
• Email Services: Send account notifications and course updates
• Analytics Tools: Help us understand platform usage and performance

These providers operate under strict data processing agreements that limit how they can use your information.

Legal Requirements

We'll disclose information when required by Thai law, valid court orders, or government regulations. This might include responding to official investigations or protecting against fraud.

Business Transfers

If sparklydevcore is acquired or merged with another company, your information may transfer to the new entity. We'll notify you before this happens and explain any changes to how your data is handled.

What We Don't Do

We don't sell email lists to marketing companies. We don't share individual learning performance with employers without explicit consent. We don't provide personal data to advertisers for targeting purposes.

4. Your Rights Under Thai Law

Thailand's PDPA gives you significant control over your personal information. Here's what you can do and how to exercise these rights.

When you request data deletion, understand that we may need to retain certain information for legal compliance, like tax records for seven years under Thai revenue regulations. We'll explain what we can and cannot delete based on legal requirements.

Response Timeline

We respond to rights requests within 30 days. Complex requests might take longer, but we'll let you know if we need additional time and explain why.

5. Data Security Measures

Financial education platforms are targets for cyber attacks because of the professional information they hold. We take security seriously.

Technical Protection

• Encryption: All data transmitted between your device and our servers uses TLS 1.3 encryption
• Secure Storage: Personal data is encrypted at rest using AES-256 encryption standards
• Access Controls: Employee access to personal data is limited by role and monitored through audit logs
• Regular Security Audits: Third-party security firms test our systems quarterly
• Automatic Backups: Daily encrypted backups stored in geographically separate locations

Organizational Measures

Our team follows strict protocols for handling personal data. Staff members with data access undergo annual privacy training. We maintain detailed incident response procedures and regularly test them through simulations.

Your Responsibility

Security is a shared effort. Use strong, unique passwords for your account. Enable two-factor authentication when available. Don't share login credentials. Log out when using shared computers. Report suspicious activity immediately.

6. Data Retention Periods

We don't keep your information indefinitely. Different types of data have different retention schedules based on legal requirements and business needs.

Active Accounts

While your account is active, we maintain your profile, learning history, and transaction records. This lets you pick up where you left off and access previously completed courses.

After Account Closure

When you close your account, we delete most personal information within 90 days. However, certain records must be retained longer:

• Financial Records: Kept for seven years per Thai Revenue Department requirements
• Legal Claims: Retained while any legal proceedings are ongoing or potential
• Fraud Prevention: Basic transaction data kept to prevent future fraudulent activity
• Certificates Issued: Permanent records of completed certifications (name, program, date only)

Marketing Data

If you opt out of marketing communications, we keep your email address on a suppression list to make sure we don't accidentally contact you again. This data is kept indefinitely but only used to prevent unwanted contact.

7. International Data Transfers

Our primary servers are located in Thailand, but some service providers operate globally. When your data crosses borders, here's what happens.

Data Storage Locations

Most data stays within Thailand. However, cloud backup systems may store encrypted copies in Singapore and Japan for disaster recovery purposes. These countries have data protection laws recognized as adequate under Thai regulations.

Service Provider Transfers

Some third-party services (like email platforms) may process data outside Thailand. When this happens, we ensure adequate protections through:

• Standard contractual clauses approved by Thai authorities
• Data processing agreements that meet PDPA requirements
• Regular audits of third-party security practices
• Encryption of data in transit and at rest

Your Control

If you're uncomfortable with international data transfers, contact us. While some transfers are necessary for platform operation, we can discuss alternatives or limitations in certain cases.

8. Cookies and Tracking Technologies

Like most websites, we use cookies to improve functionality and understand usage patterns.

Essential Cookies

These are necessary for the platform to work. They remember your login status, maintain security, and ensure consistent performance. You can't opt out of these without breaking core functionality.

Analytics Cookies

We track how people use the platform to identify problems and opportunities. This includes page views, navigation paths, and feature usage. This data is anonymized and aggregated.

Preference Cookies

These remember your settings like language preferences, display options, and content filters. They make your experience more convenient but aren't essential.

Managing Cookies

Your browser settings let you block or delete cookies. Understand that this may limit platform functionality. Some features won't work properly without cookies enabled.

9. Children's Privacy

sparklydevcore is designed for finance professionals. We don't knowingly collect information from anyone under 18 years old. Our terms of service require users to be at least 18.

If we discover that someone under 18 has created an account, we'll delete it immediately and remove associated data from our systems. Parents or guardians who believe their child has shared information with us should contact [email protected] right away.

10. Changes to This Policy

Privacy practices evolve as technology changes and regulations update. When we modify this policy, here's what happens.

Notification Process

Material changes are announced through email to all active users at least 30 days before taking effect. We'll explain what changed and why. Minor updates (like clarifying existing practices) are posted on this page with an updated effective date.

Your Options

If you disagree with policy changes, you can close your account before they take effect. We'll provide instructions for data export and deletion in the notification email.

Version History

Previous versions of this policy are available upon request. Contact us if you need to review historical privacy practices.

11. Legal Basis for Processing

Under Thai PDPA, we need valid legal grounds to process your personal data. Here's our legal basis for different processing activities.

Consent

When you create an account, you consent to data processing necessary for service delivery. This consent is freely given, specific, informed, and unambiguous. You can withdraw consent at any time, though this may mean we can't provide services.

Contract Performance

Processing payment information, tracking course progress, and issuing certificates are necessary to fulfill our contract with you. We can't deliver the education services you paid for without this processing.

Legal Obligations

Thai law requires us to maintain financial records, comply with tax regulations, and respond to valid legal requests. This processing happens regardless of consent because it's legally mandated.

Legitimate Interests

We have legitimate business interests in preventing fraud, improving platform security, and analyzing usage to enhance services. These interests are balanced against your privacy rights and never override your fundamental freedoms.