Privacy Policy | Thammasak Legal Services

1. Introduction

Thammasak ("we", "us", "our") is committed to protecting the privacy and personal data of individuals who visit our website or engage our legal services. This Privacy Policy explains what personal data we collect, for what purposes, and how it is handled. It applies to all visitors to our website at thammaass and to clients and prospective clients who contact us or engage our services.

Our processing of personal data is carried out in accordance with Thailand's Personal Data Protection Act B.E. 2562 (PDPA). Any questions about this policy or our data practices may be directed to privacy@thammaass.

2. Data Controller

The data controller responsible for your personal data is Thammasak, located at 191/46 Silom Road, Suriyawong, Bang Rak, Bangkok 10500, Thailand. Contact: privacy@thammaass | +66 2 631 5284.

3. Personal Data We Collect

We may collect the following categories of personal data:

Contact information: name, email address, telephone number, postal address
Enquiry content: the substance of messages submitted through our contact form or sent by email
Matter-related information: documents and information provided in the course of a legal engagement
Technical data: IP address, browser type, pages visited, and session duration (collected via analytics cookies, where consented)
Preference data: cookie consent choices stored locally on your device

We collect personal data through the contact form on our website, by direct email or telephone communication, and through documents provided during an engagement.

4. Legal Basis for Processing

Consent: Where you have provided consent, including for non-essential cookies or for receiving communications from us.
Contract performance: Where processing is necessary to perform or prepare for an engagement agreement.
Legal obligation: Where processing is required by law, including record-keeping obligations applicable to legal practitioners in Thailand.
Legitimate interests: For purposes such as improving our website, responding to enquiries, and maintaining records of client interactions, where those interests are not overridden by your rights.

5. How We Use Your Personal Data

Responding to enquiries submitted via the contact form or by other means
Providing and administering legal services where an engagement is entered into
Preparing engagement documentation and written scopes of work
Complying with statutory record-keeping and professional obligations under Thai law
Improving and maintaining our website
Sending service-related communications relevant to your enquiry or engagement

We do not use your personal data for unsolicited marketing or share it with third parties for marketing purposes.

6. Data Retention

Personal data collected through the contact form and enquiries will be retained for a period of three years from the date of last contact, unless an engagement is entered into. For clients who have engaged our services, matter-related data and correspondence is retained for a minimum of ten years in accordance with professional obligations. Technical and analytics data is retained for no more than thirteen months.

7. Data Sharing

We do not sell or rent personal data. We may share personal data with:

Government authorities: where required by Thai law or legal process, including the Department of Intellectual Property, Land Offices, and the Department of Business Development, as relevant to the matter.
Third-party service providers: such as website hosting and analytics services, subject to appropriate data processing agreements.
Professional advisors: such as accountants or translators engaged in connection with a specific matter, under confidentiality obligations.

International transfers of personal data outside Thailand will only occur where adequate protections are in place in accordance with the PDPA.

8. Cookies

Our website uses cookies. Essential cookies are required for the site to function and cannot be declined. Analytics and preference cookies are optional and require your consent. For full details, please see our Cookie Policy.

9. Data Security

We maintain appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. Client documents shared digitally are handled through encrypted communication channels. Access to client files is restricted to the attorney responsible for the matter and, where necessary, their direct support staff.

In the event of a personal data breach that poses a risk to your rights, we will notify you and, where required, the Office of the Personal Data Protection Committee (PDPC) in accordance with PDPA timelines.

10. Third-Party Links

Our website may contain links to external websites, including government department portals. We are not responsible for the privacy practices of those sites and recommend reviewing their own policies.

11. Children's Privacy

Our services are directed at individuals aged 18 and over. We do not knowingly collect personal data from minors. If we become aware that personal data has been submitted by a person under 18, we will take steps to delete it.

12. Your Rights Under the PDPA

As a data subject under Thai law, you have the following rights regarding your personal data held by us:

Right to access: to request a copy of the personal data we hold about you
Right to rectification: to request correction of inaccurate data
Right to erasure: to request deletion of your data, subject to legal retention requirements
Right to data portability: to receive your data in a structured, commonly used format
Right to object: to object to processing based on legitimate interests
Right to withdraw consent: at any time where processing is based on consent, without affecting prior lawful processing
Right to lodge a complaint: with the Office of the Personal Data Protection Committee (PDPC) in Thailand

To exercise any of these rights, please contact us at privacy@thammaass. We will respond within 30 days.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The most current version will always be available on our website. Material changes will be communicated by updating the "Last Updated" date at the top of this page. Continued use of our services after a policy update constitutes acceptance of the revised terms.

14. Contact for Privacy Matters

For any questions, requests, or concerns relating to this policy or our data practices, please contact:

Email: privacy@thammaass
Phone: +66 2 631 5284
Address: 191/46 Silom Road, Suriyawong, Bang Rak, Bangkok 10500, Thailand