Information We Collect

We collect different types of information depending on how you use our platform. Here's what we gather and why it matters:

Information You Provide Directly

• Account Information: When you register for our courses, we collect your name, email address, phone number, and billing details. This helps us create your account and process enrollments.
• Profile Data: Educational background, professional experience, and career goals you share help us tailor content recommendations to your learning path.
• Course Interactions: Your quiz answers, assignment submissions, and discussion forum posts help us track your progress and provide meaningful feedback.
• Communication Records: When you contact our support team or instructors, we keep those conversations to improve our service and resolve issues.
• Payment Information: Credit card details and transaction history are processed through secure payment providers. We store only essential billing records.

Automatically Collected Data

• Device Information: IP address, browser type, operating system, and device identifiers help us optimize platform performance.
• Usage Analytics: We track which pages you visit, how long you spend on lessons, and which features you use most often.
• Cookies and Similar Technologies: Small data files stored on your device help us remember your preferences and keep you logged in.
• Location Data: General geographic location (city/region level) helps us provide relevant content and comply with regional requirements.

How We Use Your Information

Your data serves specific purposes that directly benefit your learning experience. We don't use your information for unrelated activities.

Data Sharing and Disclosure

We limit data sharing to essential partners who help us operate the platform. We never sell your personal information to third parties.

Service Providers We Work With

• Payment Processors: Secure payment gateways handle credit card transactions. They receive only the information needed to process payments.
• Email Service Providers: Platforms that deliver course notifications and announcements access your email address and communication preferences.
• Cloud Hosting: Our infrastructure providers store course content and user data in secure data centers.
• Analytics Tools: Services that help us understand platform usage patterns receive anonymized or aggregated data.
• Customer Support Systems: Help desk software stores your support tickets and communication history.

Required Disclosures

We may disclose your information when legally required to comply with Thai law, court orders, government requests, or to protect our legal rights and user safety. We'll notify you of such requests unless prohibited by law.

Your Privacy Rights

Under Thailand's PDPA and international data protection standards, you have specific rights regarding your personal information. Here's how to exercise them:

How to Submit Requests

Email your privacy requests to [email protected] with "Privacy Request" in the subject line. Include your full name and the email address associated with your account. We'll verify your identity before processing the request and respond within 30 days.

Data Security Measures

We implement multiple layers of security to protect your information from unauthorized access, alteration, or destruction.

Technical Safeguards

• Encryption: All data transfers use TLS 1.3 encryption. Sensitive information is encrypted at rest using AES-256 standards.
• Access Controls: Employee access to user data is restricted based on job requirements. All access is logged and monitored.
• Secure Infrastructure: Our servers are hosted in certified data centers with physical security measures and redundant systems.
• Regular Security Audits: Third-party security firms conduct annual penetration tests and vulnerability assessments.
• Backup Systems: Automated daily backups ensure data recovery in case of technical failures.

Organizational Measures

All staff members receive data protection training. We maintain incident response procedures and will notify affected users within 72 hours of discovering any data breach that poses risks to your rights.

Data Retention and Deletion

We keep your information only as long as necessary for legitimate business purposes and legal requirements.

Retention Periods

• Active Accounts: Your data remains accessible while your account is active and for 2 years after your last login.
• Course Records: Assignment submissions and quiz results are retained for 5 years to support certificate verification and academic integrity.
• Financial Records: Transaction history and invoices are kept for 7 years to comply with Thai accounting requirements.
• Communication Logs: Support tickets and email correspondence are archived for 3 years for quality assurance purposes.
• Marketing Data: Contact information for promotional purposes is deleted within 6 months after you unsubscribe.

Account Deletion Process

When you request account deletion, we deactivate your profile immediately and permanently delete most personal data within 90 days. Some information may be retained in backup systems for up to 6 months before complete removal. Records required for legal compliance are archived separately with restricted access.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to provide functionality and improve your experience. You can control most cookies through your browser settings.

Types of Cookies We Use

• Essential Cookies: Required for basic platform functionality like login sessions and course access. These cannot be disabled.
• Performance Cookies: Collect anonymous data about how you use our site to help us identify technical issues and optimize loading times.
• Functional Cookies: Remember your preferences such as language settings and playback speed for video lessons.
• Analytics Cookies: Help us understand which content is most valuable and where learners encounter difficulties.

Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, disabling essential cookies will prevent you from accessing certain features of our platform.

International Data Transfers

While Glowlyconnect operates primarily in Thailand, some of our service providers are located in other countries. When we transfer your data internationally, we ensure appropriate safeguards are in place.

Children's Privacy

Our services are designed for adults and professionals. We do not knowingly collect information from individuals under 18 years of age. If you're under 18, please obtain parental consent before using our platform.

If we discover we've collected data from someone under 18 without proper consent, we'll delete that information promptly. Parents or guardians who believe we've collected information from a minor should contact us immediately.

Third-Party Links and Services

Our platform may contain links to external websites, resources, or tools mentioned in course materials. These third-party sites have their own privacy policies that we don't control.

We encourage you to review the privacy policies of any external site you visit. We're not responsible for the privacy practices or content of third-party websites, even if accessed through links on our platform.

Changes to This Policy

We update this privacy policy periodically to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we'll notify you through email or a prominent notice on our platform.

Continued use of our services after policy updates constitutes acceptance of the revised terms. We recommend reviewing this policy regularly to stay informed about how we protect your information.

Complaints and Disputes

If you have concerns about how we handle your personal data, please contact us first so we can attempt to resolve the issue directly. We take all privacy complaints seriously and will investigate thoroughly.

You also have the right to lodge a complaint with Thailand's Personal Data Protection Committee or other relevant supervisory authority if you believe we've violated data protection laws.