Privacy Policy

1. Introduction

Garuda Wealth ("we", "us", "our") is committed to handling personal data with care, transparency, and respect. This policy explains what information we collect, how we use it, and what your rights are under the Thai Personal Data Protection Act B.E. 2562 (PDPA) and other applicable data protection frameworks.

This policy applies to all personal data we collect through our website, enrolment processes, and learner support activities. By engaging with our services, you agree to the practices described here.

Data Controller: Garuda Wealth, 412 Rama IV Road, Khlong Toei, Bangkok 10110, Thailand. Contact for data enquiries: [email protected]

2. Data We Collect and How

Information you provide directly

• Name and email address (contact forms, enrolment)
• Phone number (if provided voluntarily)
• Message content from enquiry forms
• Program responses and exercise submissions (for enrolled learners)

Information collected automatically

• Website usage data via analytics cookies (page visits, session duration)
• Browser type, device type, and general geographic region
• Referring website or search term

Legal basis for processing

• Contract performance — to deliver programs you have enrolled in
• Legitimate interest — to understand how our website is used and improve it
• Consent — for optional communications and non-essential cookies
• Legal compliance — where Thai law requires us to retain certain records

Retention periods

• Contact form submissions: 12 months from receipt
• Enrolled learner records: 36 months from program completion
• Financial transaction records: 7 years (Thai accounting requirements)
• Analytics data: 26 months (aggregated, not individually identifiable)

3. How We Use Your Data

• Responding to enquiries and pre-enrolment conversations
• Processing enrolments and delivering program materials
• Providing learner support during your program
• Sending program-related communications (progress reminders, support responses)
• Improving our programs using aggregated feedback data
• Understanding website usage patterns to improve navigation and content
• Meeting our legal and accounting obligations under Thai law

We do not sell, rent, or trade your personal data to any third party for commercial purposes.

4. Data Protection Measures

• Data transmitted through our website is encrypted using TLS/HTTPS
• Internal access to learner data is restricted to staff with a direct program-delivery role
• We do not store payment card details — payments are processed through third-party Thai payment providers with their own PCI-DSS compliance
• In the event of a data breach affecting personal data, we will notify affected individuals and the relevant Thai authority within the timeframes required by the PDPA
• Access controls and systems are reviewed periodically

5. Cookies

We use cookies to understand how visitors use our website and to remember your preferences. Essential cookies support basic site functionality; analytics and preference cookies are optional and require your consent. For full details, see our Cookie Policy.

6. Third-Party Services

• Analytics: we may use a web analytics service to collect aggregated usage data. These providers process data under their own privacy policies.
• Payment processing: Thai payment providers process transactions on our behalf. We do not receive or retain card details.
• Email infrastructure: we use a transactional email service to deliver program communications.

Third-party links on our website lead to sites with their own privacy practices, for which we are not responsible.

7. Your Rights Under Thai PDPA

Under the Thai Personal Data Protection Act, you have the following rights:

• Access: to request a copy of the personal data we hold about you
• Rectification: to ask us to correct inaccurate or incomplete data
• Erasure: to request deletion of your data, subject to legal retention requirements
• Portability: to receive your data in a structured, machine-readable format
• Objection: to object to processing based on legitimate interest
• Withdrawal of consent: to withdraw consent for optional processing at any time without affecting prior processing
• Complaint: to lodge a complaint with the Personal Data Protection Committee of Thailand if you believe your rights have not been respected

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Children's Privacy

Our programs are designed for adults forty and over. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that we hold data from a minor, we will delete it promptly.

9. International Data Transfers

We process data primarily within Thailand. Where any data is processed by a third-party service provider in another jurisdiction, we require appropriate safeguards to be in place in accordance with PDPA requirements for cross-border transfers.

10. Changes to This Policy

We may update this policy to reflect changes in our practices or applicable law. When we do, we will update the "Last Updated" date at the top. We encourage you to review this policy periodically. Continued use of our services after an update constitutes acceptance of the revised policy.

11. Contact Us

For data-related questions or to exercise your rights, please contact:

• Email: [email protected]
• Post: Garuda Wealth, 412 Rama IV Road, Khlong Toei, Bangkok 10110, Thailand