Privacy Policy

We handle your personal information with care and respect. This policy explains what data we collect, why we need it, and how we keep it safe.

Last Updated: January 15, 2025

Overview

At connect-neo, we provide financial analysis tools and resources for investment professionals. Our platform requires certain information to function properly and deliver value to our users in Thailand and beyond.

This privacy policy complies with Thailand's Personal Data Protection Act (PDPA), which came into full effect in 2022. We're committed to protecting your data according to both Thai regulations and international best practices.

If something here isn't clear, reach out. We'd rather answer questions than leave you guessing about your data.

Information We Collect

Account Information

When you sign up for connect-neo, we collect basic details that help us create and maintain your account:

  • Full name and professional title
  • Email address (your primary contact method)
  • Company name and role
  • Phone number (optional, but helpful for account recovery)
  • Password (encrypted and never stored in plain text)

Usage Data

We track how you interact with our platform. This isn't about surveillance — it helps us understand which features matter most and where we need to improve:

  • Pages you visit and time spent on each section
  • Reports and analyses you generate
  • Search queries within our database
  • Device information (browser type, operating system)
  • IP address and general location data

Financial Data You Upload

Investment professionals often upload financial statements, market data, or proprietary models to our platform. We treat this information with extra caution since it can be commercially sensitive.

Any data you upload remains yours. We don't claim ownership or use it for purposes beyond what you've explicitly requested.

Important: We never sell your personal information to third parties. Period. Our business model relies on subscription fees, not data brokerage.

How We Use Your Information

Different types of data serve different purposes. Here's the breakdown:

Data Type Primary Purpose Legal Basis
Account credentials Authentication and access control Contract performance
Professional details Personalized experience and relevant content Legitimate interest
Usage patterns Service improvement and feature development Legitimate interest
Payment information Billing and subscription management Contract performance
Communication history Support and relationship management Legitimate interest

Service Delivery

Most of the data we collect exists to make the platform work. Your email lets us send password resets. Your usage data helps us load your most-used tools faster. Your professional details enable us to show relevant market segments.

Communication

We'll email you about account updates, new features, and occasionally share insights from our research team. You can opt out of marketing emails anytime — though we'll still need to send critical account notifications.

Platform Improvements

Aggregated usage data shows us patterns. If 60% of users abandon a particular workflow halfway through, that's a sign we need to redesign it. This analysis uses anonymized data whenever possible.

Data Sharing and Third Parties

We keep data sharing to a minimum, but some external services are necessary for operations.

Essential Service Providers

  • Cloud hosting: Our platform runs on secure servers provided by established infrastructure companies. These providers can access data for maintenance purposes but are contractually prohibited from using it for anything else.
  • Payment processing: We don't store credit card details ourselves. Payment information goes through certified processors who handle this according to PCI-DSS standards.
  • Email services: Transactional and marketing emails are sent through specialized platforms that manage delivery and tracking.
  • Analytics tools: We use privacy-focused analytics to understand platform usage without compromising individual privacy.

Legal Requirements

Thai law requires us to disclose information in specific situations — court orders, regulatory investigations, or cases involving suspected fraud. We'll resist overly broad requests and notify you when legally permitted.

Business Transfers

If connect-neo is acquired or merged with another company, your data would transfer to the new entity. We'd notify you beforehand and ensure the new owner maintains equivalent privacy protections.

Data Security Measures

Security isn't a checkbox — it's an ongoing practice. Here's what we do to protect your information:

  • Encryption: All data transmits over HTTPS. Sensitive information is encrypted at rest using AES-256 standards.
  • Access controls: Employees can only access data necessary for their role. We log all access attempts and review them regularly.
  • Regular audits: Third-party security firms test our systems twice yearly. We patch vulnerabilities promptly.
  • Backup protocols: We maintain encrypted backups in geographically separate locations. These follow the same security standards as production data.
  • Incident response: We have a documented plan for handling potential breaches, including user notification within 72 hours as required by Thai law.

No system is completely invulnerable. What matters is how seriously we take security and how quickly we respond to issues.

Your Rights Under Thai Law

Thailand's PDPA gives you substantial control over your personal data. Here's what you can do:

Access and Portability

You can request a copy of all personal data we hold about you. We'll provide this in a structured, commonly used format within 30 days. There's no charge for the first request each year.

Correction

Found an error in your account details? You can update most information directly through your profile settings. For data you can't edit yourself, contact us and we'll make the correction.

Deletion

You can request deletion of your account and associated data. We'll comply within 30 days unless we have a legal obligation to retain certain records (like financial transactions for tax purposes).

After deletion, some data may persist in backups for up to 90 days before being permanently removed.

Object to Processing

If you disagree with how we're using your data (particularly for marketing or analytics), you can object. We'll stop that processing unless we can demonstrate compelling legitimate grounds that override your interests.

Withdraw Consent

Where we process data based on your consent (like marketing communications), you can withdraw that consent anytime. This doesn't affect the lawfulness of processing before withdrawal.

How to exercise these rights: Email us at info@connect-neo.com with your request. We'll verify your identity and respond within the timeframes required by Thai law.

Data Retention

We don't keep data longer than necessary. Retention periods vary by data type:

  • Active accounts: Data remains accessible as long as your subscription is active.
  • Closed accounts: Most data is deleted within 90 days of account closure. Financial records are retained for seven years per Thai tax law.
  • Usage logs: Anonymized aggregated data may be kept indefinitely for research. Detailed individual logs are purged after 18 months.
  • Support communications: We keep correspondence for three years to maintain service quality and resolve disputes.

If you need data deleted sooner for specific reasons, explain your situation and we'll see what's possible within legal constraints.

International Data Transfers

Our primary operations are in Thailand, but some service providers operate servers in other countries. When data leaves Thailand, we ensure adequate protection through:

  • Standard contractual clauses approved by data protection authorities
  • Verification that destination countries have adequate privacy laws
  • Additional encryption and access controls for cross-border data

Most of our infrastructure is in Singapore, which Thailand's PDPA recognizes as having sufficient data protection standards.

Cookies and Tracking

Like most websites, we use cookies. Some are essential (they make the site function), while others help us understand usage patterns.

Essential Cookies

These keep you logged in and remember your preferences. They're necessary for the platform to work and can't be disabled.

Analytics Cookies

These track which pages you visit and how long you stay. The data is anonymized and helps us improve the platform. You can opt out through your browser settings.

Marketing Cookies

We don't currently use marketing cookies, but if that changes, we'll ask for your explicit consent first.

Changes to This Policy

Privacy practices evolve as technology and regulations change. We review this policy at least annually and update it when necessary.

Significant changes will be announced via email at least 30 days before taking effect. Minor clarifications or updates to contact information may happen without notice.

The "Last Updated" date at the top of this page always reflects the most recent revision.

Children's Privacy

Our services are designed for investment professionals. We don't knowingly collect information from anyone under 18 years old. If we discover we've accidentally collected such data, we'll delete it immediately.

Questions or Concerns?

If something in this policy concerns you, or if you want to exercise any of your rights, get in touch:

Email: info@connect-neo.com

Phone: +66 2 952 5414

Address: วโรรส5 (ซอย1)55/267, Nikhom Phatthana District, Rayong 21180, Thailand

We aim to respond to all privacy inquiries within five business days. Complex requests may take longer, but we'll keep you updated on progress.

If you're not satisfied with our response, you have the right to lodge a complaint with Thailand's Personal Data Protection Committee.