Privacy Policy
Introduction and Overview
CurrentXByteOn is committed to protecting your privacy and handling your personal data responsibly. This privacy policy explains how we collect, use, and safeguard information when you interact with our security testing and vulnerability assessment services. As a Thailand-based company, we comply with applicable Thai privacy laws while maintaining international best practices for data protection.
We believe transparency builds trust. This document explains our data practices in straightforward terms, so you understand exactly what happens to your information when you work with us.
Information We Collect
During our security testing and assessment services, we collect different types of information depending on your specific needs and engagement requirements.
Contact and Business Information
Your name, email address, phone number, company details, and job title when you request our services or consultations.
Technical System Data
Network configurations, system logs, vulnerability scan results, and security assessment findings related to your infrastructure.
Project Communication
Email correspondence, project documentation, meeting notes, and other communications related to your security assessment projects.
Website Analytics
Basic website usage data including page visits, browser type, and general location information when you visit our website.
How We Use Your Information
We use the information we collect specifically for delivering our security testing and vulnerability assessment services. Here's what that means in practical terms:
- Conducting comprehensive security assessments of your systems and networks
- Preparing detailed vulnerability reports and remediation recommendations
- Communicating project updates, findings, and security recommendations
- Maintaining project records for quality assurance and compliance purposes
- Improving our testing methodologies based on anonymized assessment data
- Responding to your inquiries and providing ongoing technical support
We never use your technical data for purposes beyond your specific security assessment project without explicit written consent.
Data Sharing and Third Parties
Your security data is sensitive, and we treat it accordingly. We maintain strict controls over who can access your information and under what circumstances.
We may share limited information only in these specific situations: with specialized security tools and platforms necessary for conducting thorough assessments, with our certified security professionals who directly work on your project, when required by Thai law enforcement or regulatory authorities, or with your explicit written permission for specific business purposes you've approved.
We never sell your data to marketing companies, share technical findings with competitors, or use your system information for unrelated research projects.
Your Privacy Rights
You have several important rights regarding your personal and technical data. Here's what you can do and how to exercise these rights:
- Request access to all personal data we hold about you and your organization
- Ask for corrections to any inaccurate information in our records
- Request deletion of your data after project completion (subject to legal retention requirements)
- Object to certain types of data processing for legitimate interests
- Request data portability for information you've provided to us
- Withdraw consent for data processing where consent is the legal basis
- File complaints about our data handling practices with relevant authorities
To exercise any of these rights, contact our privacy team using the information provided at the end of this policy. We'll respond to your request within 30 days and explain any limitations that might apply.
Data Security Measures
Given our expertise in cybersecurity, we apply rigorous security measures to protect your data throughout our engagement.
Encryption and Storage
All sensitive data is encrypted both in transit and at rest using industry-standard encryption protocols.
Access Controls
Strict role-based access controls ensure only authorized team members can access specific project data.
Secure Infrastructure
Our systems undergo regular security assessments and maintain multiple layers of protection.
Staff Training
All team members receive ongoing privacy and security training with signed confidentiality agreements.
Data Retention and Deletion
We keep your information only as long as necessary for legitimate business purposes or legal requirements. Here's our standard retention schedule:
| Data Type | Retention Period | Reason |
|---|---|---|
| Project technical data | 2 years after project completion | Support follow-up assessments and warranty obligations |
| Contact information | 5 years after last contact | Business relationship maintenance and legal requirements |
| Financial records | 7 years | Thai tax and accounting law compliance |
| Marketing communications | Until you unsubscribe | Ongoing business communication preferences |
You can request earlier deletion of your data in most cases. We'll honor these requests unless we have legal obligations to retain specific information.
International Data Transfers
While we primarily operate within Thailand, some of our security assessment tools and cloud services may involve data processing in other countries. When this happens, we ensure appropriate safeguards are in place.
We use standard contractual clauses, adequacy decisions, and other approved transfer mechanisms to protect your data when it crosses borders. You'll be informed of any international transfers that affect your specific project data.
Cookies and Website Technology
Our website uses basic analytics cookies to understand how visitors use our site and improve our services. These cookies collect anonymous information about page visits, browser types, and general geographic regions.
We don't use tracking cookies for advertising purposes or share website data with third-party marketers. You can disable cookies in your browser settings, though some website functionality may be limited.
Changes to This Policy
We review and update this privacy policy regularly to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we'll notify existing clients via email and post the updated policy on our website.
Minor updates like clarifications or formatting changes may be made without individual notification, but we'll always update the "Last Modified" date at the top of this document.
Privacy Questions and Contact Information
Chiang Rai 57000, Thailand