Privacy Policy
Last updated: January 30, 2026
Compliant with Thailand's Personal Data Protection Act (PDPA)
This policy is prepared in compliance with Thailand's Personal Data Protection Act B.E. 2562 (2019).
Vexio values your privacy. This policy explains how we collect, use, disclose, and protect your personal data.
1. Information We Collect
We collect the following types of information:
1.1 Information You Provide Directly
- Name and contact information (email, phone number)
- Company/organization information
- Payment information
- Information you provide in forms or when contacting us
1.2 Information Collected Automatically
- Platform usage data (log data)
- Device and browser information
- IP address and approximate location
- Cookies and similar technologies
1.3 Information from Other Sources
- Information from connected channels (LINE, Facebook, Instagram, etc.)
- Conversations with your customers
- Information from Social Login authentication
2. Purpose of Data Use
We use your information to:
- Provide and maintain the platform
- Process payments and manage accounts
- Communicate with you about services, updates, and offers
- Analyze and improve our services
- Detect and prevent fraud and misuse
- Comply with laws and regulations
- Provide customer service and technical support
3. Legal Basis for Processing
We process your data based on the following legal grounds:
| Legal Basis | Description |
|---|---|
| Contract | Necessary for providing services as you requested |
| Consent | For marketing and non-essential communications |
| Legitimate Interest | For service improvement and security |
| Legal Obligation | When required by law |
4. Third-Party Data Sharing
We may share your information with:
- Service Providers: Companies that help us operate services (payment systems, hosting, analytics)
- Connected Platforms: LINE, Facebook, Instagram, and others as you connect
- Authorities: When required by law or to protect our rights
- Business Transferees: In case of merger, acquisition, or asset sale
We will not sell your personal data to third parties.
5. Data Security
We implement appropriate security measures:
- SSL/TLS encryption for data transmission
- Encryption of sensitive data in database
- Strict access control to data
- Regular security audits and testing
- Data backup and disaster recovery plan
6. Data Retention Period
We retain your data for as long as necessary for the stated purposes:
- Account data: Throughout the account's active period and 2 years after cancellation
- Payment data: 7 years as required by tax law
- Conversation data: According to your settings, or 1 year after account cancellation
7. Your Rights Under PDPA
You have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Request correction of inaccurate data
- Right to Erasure: Request deletion of your data
- Right to Restriction: Request restriction of data processing
- Right to Portability: Request data in machine-readable format
- Right to Object: Object to certain types of data processing
- Right to Withdraw Consent: Withdraw consent at any time
To exercise these rights, please contact our Data Protection Officer. We will respond within 30 days.
8. Cookies and Tracking Technologies
We use cookies and similar technologies for:
- Essential Cookies: For basic website functionality
- Analytics Cookies: To understand usage and improve services
- Preference Cookies: To remember your settings and preferences
You can manage cookies through your browser settings, but disabling some cookies may affect service functionality.
9. International Data Transfer
Your data may be transferred to and processed in countries with different data protection laws than Thailand. We will ensure appropriate safeguards are in place for such transfers.
10. Children
Our services are not intended for individuals under 18 years of age. If we learn that we have collected data from a child without parental consent, we will take steps to delete such information.
11. Policy Changes
We may update this policy from time to time. Significant changes will be notified to you via email or platform notification. Please review this policy regularly.
12. Contact Us
If you have questions about this policy or wish to exercise your rights, please contact:
Data Protection Officer (DPO)
- Company: Vexelcode Co., Ltd.
- Email: [email protected]
- Address: Bangkok, Thailand