Bodhi Consult Get in Touch
Legal

Privacy Policy

Last updated: 15 March 2025

1. Introduction

Bodhi Consult ("we", "us", "our") is committed to handling personal data with care and transparency. This Privacy Policy explains how we collect, use, store, and protect personal data when you engage with our website or enquire about our services. It applies to all personal data we process in connection with our advisory practice.

If you have questions about this policy, you can reach us at privacy@bodhiconed.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Contact details: name, email address, telephone number.
  • Enquiry content: information you provide in a contact form or by email.
  • Usage data: pages visited, time on site, browser type, IP address — collected via analytics cookies where you have consented.
  • Client engagement data: financial documents and related information shared as part of an advisory engagement. This data is collected and handled under a separate non-disclosure agreement.

3. How We Use Your Data

We use personal data for the following purposes:

  • Responding to enquiries and communicating about potential engagements.
  • Delivering advisory services to clients under a signed engagement agreement.
  • Improving our website and understanding how it is used (with your consent).
  • Complying with applicable Thai legal and regulatory requirements.

We do not use personal data for automated decision-making or profiling. We do not sell personal data to third parties.

4. Legal Basis for Processing

We process personal data on the following legal bases under the Thailand Personal Data Protection Act B.E. 2562 (PDPA):

  • Consent: for analytics cookies and marketing communications, where you have given explicit consent.
  • Contract: for data processed in connection with an engagement agreement.
  • Legitimate interests: for responding to enquiries and improving our practice.
  • Legal obligation: where required by Thai law.

5. Data Sharing

We do not share personal data with third parties except in the following circumstances:

  • Service providers who assist with website hosting and analytics — under data processing agreements.
  • Where required by Thai law or by a competent authority.
  • With your explicit consent in other circumstances.

We do not transfer personal data outside of Thailand unless appropriate safeguards are in place.

6. Data Retention

We retain personal data for as long as necessary for the purpose for which it was collected:

  • Enquiry data: retained for 12 months after the enquiry, or longer if an engagement is agreed.
  • Client engagement data: retained for 7 years following the end of the engagement, in accordance with Thai accounting and commercial law requirements.
  • Analytics data: retained for 26 months.

After the applicable retention period, data is deleted or anonymised.

7. Cookies

We use cookies on our website. Essential cookies are required for the site to function and cannot be disabled. Analytics and marketing cookies are optional and used only with your consent. For full details, see our Cookie Policy.

8. Your Rights

Under the Thailand PDPA, you have the following rights in relation to your personal data:

  • The right to access personal data we hold about you.
  • The right to correct inaccurate or incomplete data.
  • The right to request deletion of your data in certain circumstances.
  • The right to object to processing based on legitimate interests.
  • The right to withdraw consent at any time where processing is based on consent.
  • The right to data portability in a structured, commonly used format.
  • The right to lodge a complaint with the Personal Data Protection Committee of Thailand.

To exercise any of these rights, contact us at privacy@bodhiconed. We will respond within 30 days.

9. Data Security

We maintain appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. Client financial documents are stored on encrypted systems with access limited to the engagement team. We notify affected individuals and relevant authorities in the event of a data breach, as required by the PDPA.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies before submitting any personal data.

11. Children's Privacy

Our services are not directed at persons under 18 years of age. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. Continued use of our website after such changes constitutes acceptance of the revised policy.

13. Contact

For any questions or requests related to this Privacy Policy or the handling of your personal data:

  • Email: privacy@bodhiconed
  • Address: 88/4 Silom Road, Silom, Bang Rak, Bangkok 10500, Thailand