The information we gather depends on how you interact with us. Here's what that looks like in practice:

Information You Give Us Directly

When you reach out through our contact form or engage our services, you'll typically share:

• Your name and professional title
• Business email address and phone number
• Company name and relevant project details
• Technical information about systems you need audited
• Communication preferences and time zone

Technical Data We Collect Automatically

Like most websites, we gather some technical information when you visit glowcurrentpulse.com:

• IP address and general location data (country/city level)
• Browser type, operating system, and device information
• Pages visited and time spent on our site
• Referring website or search terms that brought you here
• Click patterns and navigation behavior

We're not in the business of selling data or building advertising profiles. Your information serves specific purposes related to our security audit services:

Purpose	What This Means
Service Delivery	Conducting security audits, communicating findings, and providing ongoing support for your blockchain projects
Communication	Responding to inquiries, sending audit reports, and sharing relevant security updates that might affect your systems
Website Improvement	Understanding how people use our site so we can make it more helpful and easier to navigate
Legal Compliance	Meeting obligations under Thailand's PDPA and maintaining records as required by financial regulations
Security Protection	Detecting and preventing unauthorized access, fraud attempts, or other security threats

We don't use your personal information for marketing unless you've specifically opted in. And even then, you can opt out anytime without affecting our service relationship.

Given that we work in blockchain security, people often ask about our own security measures. Fair question.

Where Your Data Lives

We store data on secure servers located in Thailand and Singapore. This keeps latency low for our regional clients while maintaining compliance with local data protection requirements. Client project data gets encrypted both in transit and at rest using AES-256 encryption.

Access Controls

Only team members who need access to perform their work can view client information. We use multi-factor authentication, regular access reviews, and strict role-based permissions. Every access gets logged and monitored.

Security Protocols

• Regular security audits of our own systems (we practice what we preach)
• Encrypted communication channels for all client interactions
• Secure file transfer systems for sensitive documentation
• Regular backups stored in geographically separate locations
• Incident response procedures tested quarterly

Under Thailand's Personal Data Protection Act, you have specific rights regarding your personal information. Here's what you can do and how to actually do it:

How to Exercise These Rights

Send your request to contact@glowcurrentpulse.com with "Privacy Request" in the subject line. Include your name, the email address associated with your account, and specify which right you want to exercise. We'll verify your identity and respond within the timeframes required by Thai law.

If you're not satisfied with our response, you can file a complaint with Thailand's Personal Data Protection Committee. We'd prefer to resolve things directly though.

We don't sell your data. Period. But there are specific situations where we share information with third parties:

Service Providers

We work with carefully vetted companies that help us run our business:

• Cloud hosting providers (AWS Singapore, Google Cloud Thailand)
• Email and communication platforms for client correspondence
• Payment processors for invoice handling
• Analytics tools to understand website usage

These providers can only use your data to perform services for us. They're bound by contractual obligations to protect your information and can't use it for their own purposes.

Legal Requirements

We'll disclose information when required by Thai law, court orders, or government requests. This includes situations involving:

• Criminal investigations where we're legally compelled to cooperate
• Protection of our legal rights or defense against claims
• Prevention of fraud or security threats
• Compliance with financial regulations

Business Transfers

If glowcurrentpulse gets acquired or merges with another company, your information would transfer to the new entity. We'd notify you beforehand and ensure the new owners maintain equivalent privacy protections.

We keep your information only as long as necessary for legitimate business purposes or legal requirements:

• Active Client Data: Maintained throughout our service relationship plus six months for reference
• Audit Documentation: Retained for seven years to comply with financial record-keeping regulations
• Communication Records: Kept for three years for service continuity and dispute resolution
• Website Analytics: Aggregated and anonymized after 26 months
• Marketing Contacts: Removed upon opt-out request or after two years of inactivity

When we delete data, it's gone from active systems within 30 days. Backup copies get purged according to our standard backup rotation schedule (typically 90 days maximum).

Most of our operations stay within Thailand and Singapore, but sometimes data crosses borders:

When Transfers Happen

International transfers occur when we use cloud services with global infrastructure or when clients outside Thailand engage our services. In these cases, we ensure adequate protection through:

• Standard contractual clauses approved by Thailand's PDPA
• Transfers to countries with adequate data protection frameworks
• Specific consent for transfers when required
• Additional security measures beyond baseline requirements

We don't transfer data to countries with inadequate privacy protections without implementing extra safeguards and getting your explicit consent.

Our website uses cookies, but we're pretty minimal about it compared to most sites:

Essential Cookies

These keep the site functioning properly. They remember your language preferences and maintain session security. You can't really opt out of these without breaking the website.

Analytics Cookies

We use these to understand which pages people find helpful and where they get stuck. The data is anonymized and we don't track individuals across different websites. You can disable these in your browser settings if you prefer.

What We Don't Use

No advertising cookies, no social media tracking pixels, no third-party behavioral tracking. We're not interested in building detailed profiles of your browsing habits.

Your browser's privacy settings give you control over cookies. Most browsers let you block or delete cookies entirely, though some site features might not work as smoothly.

Our services target businesses and professionals working in blockchain development. We don't knowingly collect information from anyone under 18 years old. If we discover we've inadvertently collected data from a minor, we'll delete it immediately.

Parents or guardians who believe their child has provided us with personal information should contact us right away.

We update this policy when our practices change or when legal requirements evolve. The "Last Updated" date at the top tells you when we last made changes.

For minor updates (fixing typos, clarifying existing practices), we'll just post the revised policy. For significant changes that affect how we handle your data, we'll notify you directly via email at least 30 days before the changes take effect.

Continuing to use our services after policy changes means you accept the updated terms. If you don't agree with changes, you can request account deletion and discontinue service.