When you work with Firstlinkforge, we collect information that helps us provide better API integration and external service solutions. Here's what we gather and why:

• Contact Information: Your name, email address, phone number, and business address when you reach out for our services
• Business Details: Company name, industry type, current systems information, and project requirements
• Technical Data: API specifications, system configurations, integration requirements, and performance metrics
• Communication Records: Email exchanges, meeting notes, project documentation, and support conversations
• Website Usage: How you navigate our site, pages visited, time spent, and technical information like IP address and browser type

Your information serves specific purposes in our business relationship. We use it to deliver the technical services you've requested and maintain our professional partnership.

• Designing and implementing API integrations tailored to your business needs
• Communicating about project progress, technical updates, and service improvements
• Providing ongoing technical support and troubleshooting assistance
• Sending relevant industry insights and service updates that might benefit your operations
• Improving our integration methodologies based on real project experiences
• Complying with legal requirements and maintaining proper business records

We don't use your information for unrelated marketing campaigns or sell your data to third parties. Everything we do with your information directly supports the services we provide to your business.

We share your information in very limited circumstances, always with your business interests in mind. Here's when and why we might need to share certain details:

• Third-party Integration Partners: When connecting your systems to external APIs, we may need to share relevant technical specifications with service providers
• Cloud Service Providers: Our hosting and data storage partners receive limited technical data necessary for system operations
• Legal Requirements: Thai authorities or courts may request information in compliance with local regulations
• Business Protection: In cases involving security threats, fraud prevention, or protection of our legitimate business interests

Under Thailand's Personal Data Protection Act (PDPA) and our commitment to transparency, you have several rights regarding your personal information:

To exercise any of these rights, simply contact us using the information provided below. We'll respond promptly and help you understand what options are available for your specific situation.

Protecting your information is fundamental to our business. We use industry-standard security measures appropriate for the type of data we handle:

• Encryption: All data transmissions use SSL/TLS encryption, and sensitive stored data is encrypted using AES-256 standards
• Access Controls: Only authorized team members can access your information, and access is limited to what's necessary for their work
• Regular Updates: We maintain current security patches on all systems and conduct regular security assessments
• Backup Security: Data backups are encrypted and stored in secure, geographically separate locations
• Network Protection: Firewalls, intrusion detection, and monitoring systems protect against unauthorized access
• Physical Security: Our offices and data centers have appropriate physical access controls and monitoring

While we implement strong security measures, no system is completely immune to threats. We continuously monitor for potential security issues and will notify you promptly if any incident affects your personal information.

We keep your personal information only as long as necessary for business and legal purposes. Here's our approach to data retention:

• Active Projects: During ongoing integrations, we retain all relevant project data and communications
• Completed Projects: Technical documentation and project records are kept for 7 years to support future maintenance and legal requirements
• Marketing Communications: Contact information for newsletters and updates is retained until you unsubscribe
• Legal Compliance: Some information must be retained longer to meet Thai business law requirements
• Account Closure: When you request account deletion, we remove personal data within 90 days, excluding legally required records

As a Thai-based company serving international clients, we sometimes need to transfer data across borders. Here's how we handle international data movement:

• Most client data stays within Thailand or moves to countries with adequate data protection laws
• When using international cloud services, we ensure providers meet strict data protection standards
• All international transfers comply with Thailand's PDPA requirements for cross-border data movement
• We use contractual safeguards and standard data protection clauses for any necessary transfers
• You'll be informed if your specific project requires data transfer to countries without adequate protection

Our goal is to minimize international data transfers while still providing effective integration services that may involve global API connections.

Our website uses cookies and similar technologies to improve your browsing experience and understand how you use our services:

• Essential Cookies: Necessary for basic website functionality, including security and account access
• Analytics Cookies: Help us understand which pages are most useful and how people navigate our site
• Preference Cookies: Remember your settings and choices to personalize your experience
• Marketing Cookies: Used sparingly to show relevant information about our services on other websites

You can control cookie settings through your browser preferences. Blocking certain cookies might affect website functionality, but you'll still be able to access most of our content and services.

We review and update this privacy policy regularly to reflect changes in our services, legal requirements, and industry best practices. When we make significant changes:

• We'll notify existing clients by email at least 30 days before changes take effect
• The updated policy will be posted on our website with a clear "last updated" date
• For material changes affecting how we use your data, we may seek your explicit consent
• You'll always have the option to withdraw consent or discontinue services if you disagree with policy changes

We encourage you to review this policy periodically, especially before starting new projects with us. Understanding how we handle your information helps build trust in our business relationship.