Privacy Statement

Last updated: 2026-02-09 · Contact: hello@network-pointgrid.digital

1. Retention

We retain contact form submissions, enquiry correspondence, and contractual records for as long as necessary to fulfil the purposes described in this statement, unless a longer period is required by accounting, taxation, or dispute resolution obligations under Thai law. Training attendance logs may be retained to evidence delivery for a period agreed in your engagement letter. When retention periods expire, we delete or anonymise information using reasonable technical and organisational measures.

2. Your rights

Subject to applicable Thai PDPA provisions, you may request access, rectification, deletion, restriction, or portability of personal data we control, and you may object to certain processing. Requests should be emailed to the address below with sufficient detail for us to verify identity. We will respond within timelines required by law. You may lodge a complaint with the Office of the Personal Data Protection Committee if you believe your rights have been infringed and domestic remedies are exhausted.

3. Data collected

We may collect identifiers (name, email, phone), professional information (title, organisation), technical data (IP address, device type, browser), and message content you submit through forms. Virtual sessions may generate attendance metadata such as join timestamps. We do not intentionally collect sensitive health data through marketing forms; please do not include patient identifiers in free-text fields.

4. Contact

Questions about this Privacy Statement may be directed to hello@network-pointgrid.digital. For formal data subject requests, include the phrase “PDPA Request” in the subject line and describe the information you seek or the correction you require. We may request additional documentation to protect personal data from unauthorised disclosure.

5. Third parties

We use infrastructure and communications processors that may access personal data solely to provide services to us, such as email delivery and secure hosting. Contracts require subprocessors to implement appropriate confidentiality and security measures. We do not sell personal data. If we reorganise or merge, personal data may transfer to successors under safeguards consistent with this statement.