Privacy Policy

Conzento Global, operated by Reddot Digital Co., Ltd. ("we," "us," or "our"), is committed to protecting the privacy and personal data of individuals who visit our website at conzento.ai ("the Website") and use our services. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data in accordance with the Thailand Personal Data Protection Act B.E. 2562 (2019) ("PDPA") and other applicable data protection laws in the jurisdictions where we operate, including Vietnam, Indonesia, and other Southeast Asian countries.

As a provider of data governance and PDPA compliance solutions, we hold ourselves to the highest standards of data protection. We practice what we preach.

The data controller responsible for your personal data is:

We collect the following categories of personal data:

3.1 Information You Provide Directly

• Contact information: name, email address, phone number, company name, and job title when you fill out contact forms, request demos, or subscribe to communications
• Account information: credentials and profile data if you create an account to access our services
• Communication data: the content of messages you send to us through email, contact forms, or chat
• Business information: company name, industry, size, and data governance needs shared during consultations

3.2 Information Collected Automatically

• Device information: browser type, operating system, screen resolution, and device identifiers
• Usage data: pages visited, features used, time spent on pages, click patterns, and navigation paths
• Network data: IP address, approximate geographic location (country/region level), and referring URLs
• Cookie and tracking data: information collected through cookies, pixels, and similar technologies (see Section 9)

3.3 Information from Third Parties

• Analytics data from Google Analytics and Google Tag Manager
• Bot protection verification data from Cloudflare Turnstile
• Publicly available business information from LinkedIn or company websites

We process your personal data for the following purposes:

• Service delivery: To provide, maintain, and improve our data governance and PDPA compliance platform
• Communication: To respond to your inquiries, send requested information, and provide customer support
• Marketing: To send you relevant updates, newsletters, and promotional content about our services (with your consent)
• Analytics and improvement: To understand how users interact with our Website and improve our services
• Security: To protect against unauthorized access, fraud, and other security threats
• Legal compliance: To comply with applicable laws, regulations, and legal processes
• Demo and consultation: To schedule and conduct product demonstrations and consultations
• Bot protection: To verify that interactions with our Website are from genuine human users via Cloudflare Turnstile

Under the PDPA, we process your personal data based on the following legal grounds:

We do not sell your personal data. We may share your personal data with the following categories of recipients:

6.1 Service Providers

• Cloud hosting: Microsoft Azure (data center locations in Southeast Asia)
• Analytics: Google Analytics and Google Tag Manager for website usage analysis
• Security: Cloudflare for CDN, DDoS protection, and Turnstile bot verification
• Communication: Email service providers for transactional and marketing communications

6.2 Other Disclosures

• Legal authorities: When required by law, court order, or regulatory request
• Business transfers: In connection with a merger, acquisition, or sale of assets (with prior notice)
• With your consent: When you have explicitly authorized us to share your data

All third-party service providers are contractually required to protect your personal data and process it only in accordance with our instructions and applicable data protection laws.

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:

• Contact and inquiry data: 2 years from your last interaction with us
• Customer account data: For the duration of the service agreement plus 3 years for legal compliance
• Website analytics data: 26 months (as configured in Google Analytics)
• Marketing consent records: For the duration of the consent plus 1 year after withdrawal
• Legal and regulatory records: As required by applicable Thai law (typically 5-10 years)

When personal data is no longer needed, we securely delete or anonymize it in accordance with our data retention and destruction procedures.

Under the PDPA, you have the following rights regarding your personal data. You may exercise these rights by contacting our Data Protection Officer at [email protected].

We will respond to your request within 30 days of receipt. In certain cases, we may request additional information to verify your identity before processing your request.

Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver targeted content. Below are the categories of cookies we use:

9.1 Strictly Necessary Cookies

These cookies are essential for the Website to function and cannot be disabled. They include session management, language preference (NEXT_LOCALE), and security tokens.

9.2 Analytics Cookies

We use Google Analytics (via Google Tag Manager, ID: GTM-N5R7FZCF) to collect anonymized usage data about how visitors interact with our Website. This helps us understand traffic patterns and improve our services. Google Analytics cookies include _ga, _ga_*, and _gid.

9.3 Marketing and Conversion Cookies

We use Google Ads conversion tracking (ID: AW-954200715) to measure the effectiveness of our advertising campaigns. These cookies help us understand which ads lead to website visits.

9.4 Security Cookies

We use Cloudflare Turnstile as a bot protection mechanism on our contact forms. Turnstile may set cookies to distinguish between human users and automated bots without requiring CAPTCHA challenges.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our Website.

As Conzento Global serves customers across Southeast Asia (Thailand, Vietnam, Indonesia, and other markets), your personal data may be transferred to and processed in countries outside your country of residence.

When we transfer personal data internationally, we ensure appropriate safeguards are in place in accordance with the PDPA (Section 28), including:

• Transferring data only to countries with adequate data protection standards as recognized by the Personal Data Protection Committee
• Implementing appropriate contractual safeguards with data processors in other jurisdictions
• Obtaining your consent for transfers where required by applicable law
• Ensuring our cloud infrastructure providers (Microsoft Azure) maintain data residency options within the ASEAN region

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/SSL) and at rest
• Regular security assessments and vulnerability testing
• Access controls and authentication mechanisms
• Employee training on data protection and information security
• Incident response procedures for data breaches
• ISO 27001 certified information security management practices

Our Website and services are not directed to individuals under the age of 20 (the age of majority under Thai law for PDPA purposes, unless the minor is emancipated by marriage). We do not knowingly collect personal data from children under 20 without verifiable parental or guardian consent. If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete such data promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this policy
• Post a prominent notice on our Website
• Notify you by email if the changes materially affect how we process your personal data
• Where required by the PDPA, obtain your renewed consent for any new processing activities

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us:

If you are not satisfied with our response or believe your data protection rights have been violated, you have the right to lodge a complaint with the Personal Data Protection Committee (PDPC) of Thailand.