K Klairo Contact Us

Legal

Privacy Policy

Last updated: 1 March 2025

1. Introduction

Klairo ("we", "us", "our") is committed to handling personal information responsibly and transparently. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and what rights you have in relation to it.

This policy applies to personal data collected through our website and through our consulting engagements. It is governed by the Personal Data Protection Act B.E. 2562 (PDPA) of Thailand.

For questions about this policy or our data practices, please contact us at [email protected].

2. Data We Collect

2.1 Information you provide

  • Name and contact details (email address, phone number) submitted via our enquiry form
  • Information about your organisation and business situation shared during discovery conversations
  • Documents, data, and communications shared as part of a consulting engagement

2.2 Information collected automatically

  • Technical data: IP address, browser type, device type, operating system
  • Usage data: pages visited, time spent on pages, referring URLs
  • Cookie data (see our Cookie Policy for details)

2.3 Information from third parties

We may receive limited information about you from referrers or professional contacts when you are introduced to us. We will handle such information under this policy from the point of receipt.

3. How We Use Your Data

  • Responding to enquiries: To contact you following a website submission or referral introduction
  • Delivering services: To conduct research, produce reports, and facilitate sessions as part of a consulting engagement
  • Improving our services: Aggregated, anonymised usage data helps us understand how our website is used
  • Legal compliance: To meet obligations under Thai law and any applicable contractual requirements

We do not use personal data for unsolicited marketing. We do not sell, rent, or trade your personal information with third parties for commercial purposes.

4. Legal Basis for Processing

  • Consent: For optional cookies and marketing communications, where you have given explicit consent
  • Contractual necessity: To perform obligations under a consulting engagement agreement
  • Legitimate interests: For website analytics and security, where our interests do not override your rights
  • Legal obligation: Where required by Thai law or regulatory authority

5. Data Retention

We retain personal data only for as long as necessary for the purposes described in this policy:

  • Enquiry data: up to 12 months from last contact if no engagement proceeds
  • Engagement data: up to 3 years from engagement close, unless a longer retention period is required by law or agreed in writing
  • Analytics data: aggregated and anonymised; retained indefinitely in non-identifiable form

6. Data Security

We take reasonable technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, and destruction. These measures include:

  • Encrypted communications (HTTPS/TLS) for all website data transmission
  • Access controls limiting data access to individuals who require it for their work
  • Secure file storage with regular security reviews
  • Confidentiality agreements signed by all personnel

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within the timeframes required under Thai PDPA.

7. Third-Party Services

We use limited third-party services that may process personal data on our behalf, including analytics providers. These providers are selected for their compliance with applicable data protection standards and are bound by data processing agreements.

Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites and encourage you to review their policies independently.

8. Cookies

We use cookies for essential functionality and optional analytics. You can manage your cookie preferences at any time through our Cookie Policy page.

9. Your Rights

Under the Thai Personal Data Protection Act, you have the following rights in relation to your personal data:

  • Right to access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your data where no legal basis for retention remains
  • Right to restriction: Request that we limit processing while a dispute is resolved
  • Right to portability: Receive your data in a structured, machine-readable format where technically feasible
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior lawful processing

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

10. Children's Privacy

Our services are directed at businesses and professionals. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that we have inadvertently received data from a minor, we will delete it promptly.

11. Supervisory Authority

If you believe your data protection rights have been violated and we have not resolved your concern satisfactorily, you have the right to lodge a complaint with the Personal Data Protection Committee (PDPC) of Thailand, the relevant supervisory authority.

12. Policy Updates

We may update this policy from time to time to reflect changes in our practices or applicable law. The date at the top of this page indicates when it was last revised. Continued use of our website after an update constitutes acceptance of the revised policy.

13. Contact

Data controller: Klairo
Address: 44 Wireless Road, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Email: [email protected]
Phone: +66 2 251 7493