Legal
Privacy Policy
Last Updated: 10 June 2025 · Effective Date: 10 June 2025
This Privacy Policy describes how Neuronest ("we", "us", "our") collects, uses, and protects personal data provided by learners, visitors, and enquirers. We operate in accordance with Thailand's Personal Data Protection Act B.E. 2562 (PDPA). If you have questions about how your data is handled, contact us at [email protected].
1. Data Controller
The data controller for personal data processed under this policy is:
Neuronest
240 Rama IV Road, Khlong Toei, Bangkok 10110, Thailand
Email: [email protected]
Phone: +66 97 514 6082
2. Data We Collect
2.1 Information You Provide
- Name — collected via enquiry and enrolment forms
- Email address — used for enquiry responses and enrolment communication
- Phone number — collected optionally; used if you request a call
- Message content — the text you submit in contact forms
- Course submissions and project files — uploaded as part of your enrolled track
2.2 Data Collected Automatically
- Browser type, device type, and operating system
- Pages visited, time spent, and navigation paths via analytics cookies (if consent given)
- IP address (anonymised where technically possible)
3. Legal Basis for Processing
- Consent — analytics and marketing cookies, collected with your agreement via the cookie consent modal
- Contract performance — data required to deliver the course you enrol in
- Legitimate interests — responding to enquiries, improving course quality, and site security
- Legal obligation — data retained as required by applicable Thai law
4. How We Use Your Data
- Responding to enquiries submitted through our contact form
- Managing enrolment and providing access to course materials
- Sending mentor feedback and support communications
- Sending essential programme updates (e.g. content changes)
- Improving course materials and the website experience
- Complying with legal and regulatory requirements
We do not use your personal data for automated decision-making or profiling.
5. Data Retention
- Enquiry data (non-enrolled): retained for 12 months, then deleted
- Enrolment and course data: retained for 3 years after course completion
- Financial transaction records: retained for 7 years as required by Thai accounting law
- Analytics data: retained in anonymised aggregate form; individual session data deleted after 26 months
6. Data Sharing
We do not sell personal data. We share data only in the following circumstances:
- Service providers — hosting providers and email delivery services operating under data processing agreements
- Analytics tools — aggregate, anonymised usage data shared with analytics providers (only if you consent to analytics cookies)
- Legal requirements — if required by Thai law, court order, or regulatory authority
7. Cookies
We use essential cookies (required for site function), analytics cookies (to understand how learners use the site), and preference cookies (to remember settings). Non-essential cookies are only placed with your consent, given through the cookie banner on first visit.
See our Cookie Policy for full details and controls.
8. Data Security
- Data transmitted via HTTPS encryption
- Access to personal data restricted to staff who need it to deliver the course or respond to enquiries
- Course submission files stored on servers in access-controlled environments
- Regular review of security practices and third-party service agreements
In the event of a personal data breach that poses a risk to your rights, we will notify the Office of the Personal Data Protection Committee (PDPC) within 72 hours and affected individuals as required by the PDPA.
9. Your Rights Under the PDPA
As a data subject under Thailand's PDPA, you have the following rights:
- Right to access — request a copy of personal data we hold about you
- Right to rectification — request correction of inaccurate data
- Right to erasure — request deletion of your data where there is no lawful reason for us to retain it
- Right to data portability — receive your data in a structured, commonly used format
- Right to object — object to processing based on legitimate interests
- Right to withdraw consent — withdraw consent at any time without affecting prior processing
- Right to lodge a complaint — with the Office of the Personal Data Protection Committee (PDPC) if you believe your rights have been violated
To exercise any of these rights, email [email protected]. We will respond within 30 days.
10. Children's Privacy
Neuronest courses are intended for individuals aged 18 and above. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected data from a minor, we will delete it promptly.
11. Third-Party Links
Our website may contain links to external resources. We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any external sites you visit.
12. Changes to This Policy
We may update this policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. Continued use of our services after changes take effect constitutes acceptance of the updated policy. For material changes, we will notify enrolled learners by email.
13. Contact
For questions, data access requests, or concerns about this policy:
Neuronest — Data Privacy
240 Rama IV Road, Khlong Toei, Bangkok 10110, Thailand
Email: [email protected]
Phone: +66 97 514 6082