SystemixApp Logo

SystemixApp

Financial workflow clarity for education

+66 2 950 7422
[email protected]

Privacy Policy

Effective Date: January 15, 2025

At systemixapp, we take your privacy seriously. This policy explains how we collect, use, store, and protect your personal information when you use our budget approval workflow platform. We operate in compliance with Thailand's Personal Data Protection Act (PDPA) B.E. 2562 (2019) and international data protection standards.

By using our services, you agree to the practices described here. If you have questions or concerns, reach out to us directly — we're here to help.

1. Information We Collect

We collect different types of information depending on how you interact with our platform. Here's what we gather and why:

Personal Information You Provide

When you create an account or use our services, you share information with us directly:

  • Contact details: name, email address, phone number
  • Company information: organization name, position, department
  • Account credentials: username and encrypted password
  • Payment information: billing address and payment method details (processed through secure third-party providers)
  • Communication data: messages you send through our support channels

Information Collected Automatically

Our platform collects technical data to improve functionality and security:

  • Device information: IP address, browser type, operating system
  • Usage data: pages visited, features used, time spent on platform
  • Log files: access times, error reports, system activity
  • Cookies and tracking technologies: session data, preferences, authentication tokens

Workflow and Business Data

To provide our budget approval services, we process:

  • Budget requests and approval workflows
  • Financial documentation you upload
  • Comments and approval notes
  • Team member interactions within the platform

2. How We Use Your Information

We use your data to deliver and improve our services. Specifically:

  • Service Delivery: Process budget approvals, manage workflows, and maintain your account
  • Communication: Send important updates about your account, respond to support requests, and share relevant platform changes
  • Security: Monitor for suspicious activity, prevent fraud, and protect user data
  • Platform Improvement: Analyze usage patterns to enhance features and user experience
  • Legal Compliance: Meet regulatory requirements and respond to legitimate legal requests
  • Business Operations: Process payments, maintain records, and support our internal operations

Legal Basis for Processing (PDPA Compliance): We process your personal data based on consent, contractual necessity, legal obligation, and legitimate business interests. You can withdraw consent at any time, though this may affect your ability to use certain features.

3. Data Sharing and Third Parties

We don't sell your personal information. Period. But we do share data with specific partners who help us operate:

Service Providers

We work with trusted companies that support our operations:

  • Cloud hosting providers for secure data storage
  • Payment processors for billing and transactions
  • Email service providers for communications
  • Analytics tools to understand platform usage
  • Customer support platforms

These partners are contractually required to protect your data and can only use it for specified purposes.

Legal Requirements

We may disclose information when required by law or to protect rights and safety:

  • Responding to court orders or legal processes
  • Complying with Thailand government requests
  • Protecting against fraud or security threats
  • Enforcing our terms of service

Business Transfers

If systemixapp is involved in a merger, acquisition, or sale, your information may be transferred. We'll notify you before this happens and explain any changes to how your data is handled.

4. Data Storage and Security

Protecting your information is a priority. Here's how we do it:

Security Measures

  • End-to-end encryption for data transmission
  • Encrypted storage for sensitive information
  • Multi-factor authentication options
  • Regular security audits and vulnerability assessments
  • Access controls limiting employee access to data
  • Automated backup systems with disaster recovery protocols

Data Location

Your data is primarily stored on secure servers located in data centers that meet international security standards. While our business operates from Thailand (87 Soi 1, Tha Wang Tan, Saraphi District, Chiang Mai 50140), we use cloud infrastructure providers with global operations.

Important: No system is completely secure. While we implement industry-standard protections, we can't guarantee absolute security. You play a role too — use strong passwords, enable two-factor authentication, and report suspicious activity immediately.

5. Your Rights Under Thailand PDPA

Thailand's Personal Data Protection Act gives you specific rights regarding your personal information. You can:

  1. Access Your Data: Request a copy of the personal information we hold about you
  2. Rectification: Correct inaccurate or incomplete information
  3. Erasure: Request deletion of your data (subject to legal retention requirements)
  4. Data Portability: Receive your data in a structured, commonly used format
  5. Object to Processing: Oppose certain uses of your information
  6. Restrict Processing: Limit how we use your data in specific circumstances
  7. Withdraw Consent: Revoke permission for data processing based on consent
  8. Lodge a Complaint: File complaints with the Thailand Personal Data Protection Committee

How to Exercise Your Rights

To make any of these requests:

  • Email us at [email protected] with "Data Rights Request" in the subject line
  • Include your account email and specify which right you're exercising
  • Provide identification to verify your identity (for security purposes)

We'll respond to verified requests within 30 days. If we need more time, we'll let you know why and when to expect a response.

6. Data Retention

We keep your information only as long as necessary for the purposes described in this policy or as required by law.

Retention Periods

  • Active Accounts: Data retained while your account is active
  • Closed Accounts: Most data deleted within 90 days of account closure
  • Financial Records: Retained for 7 years per Thailand tax and accounting laws
  • Legal Hold: Data preserved when involved in legal proceedings
  • Backup Systems: Data in backups deleted according to regular backup cycles (typically 90 days)

After retention periods expire, we securely delete or anonymize your information so it can't be traced back to you.

7. International Data Transfers

Our cloud infrastructure may process data in countries outside Thailand. When we transfer data internationally, we ensure appropriate safeguards:

  • Using service providers that comply with international data protection standards
  • Implementing contractual protections like Standard Contractual Clauses
  • Ensuring adequate security measures regardless of data location
  • Monitoring compliance with Thailand PDPA requirements

We carefully vet all international partners to maintain data protection standards equivalent to Thailand's requirements.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to make our platform work properly and improve your experience.

Types of Cookies We Use

  • Essential Cookies: Required for platform functionality, authentication, and security
  • Performance Cookies: Help us understand how you use the platform to improve features
  • Preference Cookies: Remember your settings and choices

You can control cookies through your browser settings, but disabling essential cookies may affect platform functionality. We don't use advertising or tracking cookies from third-party networks.

9. Children's Privacy

Our services are designed for business use and aren't intended for individuals under 20 years old (the age of majority in Thailand). We don't knowingly collect information from minors.

If you believe we've inadvertently collected data from someone under 20, contact us immediately at [email protected] and we'll delete it promptly.

10. Changes to This Policy

We update this privacy policy occasionally to reflect changes in our practices, technology, or legal requirements. When we make significant changes:

  • We'll update the "Effective Date" at the top of this page
  • We'll notify you via email if you have an account
  • We'll post a notice on our platform for 30 days
  • For material changes affecting your rights, we may request renewed consent

We encourage you to review this policy periodically. Continued use of our services after changes means you accept the updated policy.

11. Third-Party Links

Our platform may contain links to external websites or services. We're not responsible for the privacy practices of these third parties. When you leave our platform, we encourage you to read the privacy policies of any site you visit.

12. Your Responsibilities

You also play a role in protecting your information:

  • Keep your password secure and don't share login credentials
  • Use strong, unique passwords for your account
  • Enable two-factor authentication when available
  • Review access permissions for team members regularly
  • Report suspected security breaches immediately
  • Keep your contact information current
  • Log out when using shared devices

Questions or Concerns?

If you have questions about this privacy policy or how we handle your data, we're here to help. Reach us at:

Email: [email protected]

Phone: +66 2 950 7422

Address: 87 Soi 1, Tha Wang Tan, Saraphi District, Chiang Mai 50140, Thailand

For data protection inquiries specifically, include "Privacy Request" in your subject line for faster routing to our data protection team.