Legal
Privacy Policy
Last Updated: 12 February 2025
This policy explains how Bodhi Code collects, uses, and protects your personal information. If you have any questions, please contact us at [email protected].
1. Introduction
Bodhi Code ("we", "us", "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard information you provide when using our website or engaging with our services. It applies to all personal data we process in connection with our AI integration consulting and employee training programs.
This policy is issued in accordance with Thailand's Personal Data Protection Act B.E. 2562 (2019) (PDPA). Where our services extend to individuals in the European Economic Area, we also comply with the General Data Protection Regulation (GDPR).
2. Data Controller
The data controller responsible for your personal information is:
- Bodhi Code
- 203 Ngamwongwan Road, Nonthaburi 11000, Thailand
- Email: [email protected]
- Phone: +66 2 328 9571
3. Information We Collect
We collect the following types of personal data:
- Contact Information: Name, email address, phone number, and organisation name provided through our contact form or direct enquiries.
- Communication Records: Emails, messages, and correspondence related to service enquiries and engagements.
- Usage Data: Technical information such as IP address, browser type, and pages visited, collected via analytics tools.
- Cookies: Preference and analytics data stored through browser cookies. See our Cookie Policy for details.
We do not collect sensitive personal data (such as health information or financial account details) unless specifically required for an engagement and with your explicit consent.
4. How We Use Your Data
We use your personal data for the following purposes:
- Responding to enquiries and providing information about our programs
- Delivering consulting and training services you have engaged us for
- Sending service-related communications (such as scheduling and delivery updates)
- Improving our website and understanding how visitors use it (analytics)
- Complying with legal and regulatory obligations
We do not sell your personal data to third parties or use it for unsolicited marketing without your consent.
5. Legal Basis for Processing
We process your data on the following legal bases:
- Consent: Where you have explicitly agreed to data collection (e.g. cookie consent, newsletter subscription)
- Contract: Where processing is necessary to fulfil a service engagement you have entered into with us
- Legitimate Interest: For analytics and service improvement, where we have assessed that our interests do not override your rights
- Legal Obligation: Where we are required to process data to comply with applicable law
6. Data Retention
We retain personal data only as long as necessary for the purposes described in this policy:
- Contact form submissions: up to 24 months from last interaction
- Client engagement records: up to 5 years following engagement completion, for legal and accounting purposes
- Analytics data: retained for up to 26 months, then anonymised or deleted
7. Data Sharing
We may share your data in the following circumstances:
- Service Providers: Trusted third-party tools (e.g. analytics platforms, email services) operating under data processing agreements
- Legal Requirements: If required by Thai law, court order, or regulatory authority
- Business Transfers: In the event of a merger or acquisition, with appropriate notice to affected individuals
We do not share personal data with marketing companies or data brokers.
8. Data Security
We apply technical and organisational measures to protect your personal data, including encrypted transmission (HTTPS), access controls, and restricted data access on a need-to-know basis. In the event of a data breach affecting your rights, we will notify you and the relevant authority within the timeframe required by applicable law.
9. Cookies
Our website uses cookies for essential functionality and, with your consent, for analytics. For full details of the cookies we use and how to manage your preferences, please see our Cookie Policy.
10. Third-Party Links
Our website may contain links to external sites. We are not responsible for the privacy practices of those websites and encourage you to review their policies independently.
11. Your Rights
Under the PDPA, you have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data (subject to legal retention obligations)
- Withdraw consent at any time, where processing is consent-based
- Object to processing based on legitimate interest
- Request restriction of processing in certain circumstances
- Lodge a complaint with Thailand's Personal Data Protection Committee
To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.
12. Children's Privacy
Our services are directed at business organisations and individuals aged 18 and above. We do not knowingly collect data from minors. If you believe we have inadvertently done so, please contact us promptly.
13. Policy Updates
We may update this policy from time to time to reflect changes in our practices or legal requirements. The updated version will be published on this page with a revised "Last Updated" date. Continued use of our services after an update constitutes acceptance of the revised policy.
14. Contact
For any privacy-related enquiries, please contact us at:
- Email: [email protected]
- Address: 203 Ngamwongwan Road, Nonthaburi 11000, Thailand
- Phone: +66 2 328 9571