SAYAM Systems

Privacy Policy

Last Updated: 2026-02-19

Introduction

SAYAM Systems Co., Ltd. ("SAYAM Systems", "we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

This policy complies with the European Union General Data Protection Regulation (GDPR) and the Thailand Personal Data Protection Act B.E. 2562 (PDPA).

Data Controller

The data controller responsible for your personal data is:

  • SAYAM Systems Co., Ltd.
  • Bangkok, Thailand
  • Email: privacy@sayamsystems.com

Data We Collect

We may collect and process the following categories of personal data:

Information You Provide

  • Contact information (name, email address, phone number)
  • Company and job title information
  • Messages and inquiries submitted through our contact forms
  • Information provided during service engagements

Information Collected Automatically

  • IP address and approximate geographic location
  • Browser type, version, and operating system
  • Pages visited, time spent, and navigation patterns
  • Referring website and search terms

How We Use Your Data

We process your personal data for the following purposes:

  • To provide and improve our IT and cybersecurity services
  • To respond to your inquiries and communicate with you
  • To send service-related updates and information (with your consent)
  • To analyze website usage and improve user experience
  • To comply with legal obligations and protect our rights

Legal Basis for Processing

We process your personal data based on the following legal grounds:

Under GDPR (Article 6)

  • Consent: Where you have given explicit consent for specific processing
  • Contract: Where processing is necessary for the performance of a contract with you
  • Legitimate Interest: Where processing is necessary for our legitimate business interests
  • Legal Obligation: Where processing is required by law

Under PDPA (Section 24)

  • Consent: Where you have given consent for the collection, use, or disclosure of your data
  • Contract: Where it is necessary for the performance of a contract to which you are a party
  • Legitimate Interest: Where it is necessary for our legitimate interests, provided it does not override your rights

Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Service providers and contractors who assist us in delivering our services (under appropriate data processing agreements)
  • Professional advisors including lawyers, auditors, and accountants
  • Government authorities and regulators when required by law

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Client engagement data: For the duration of the engagement plus 5 years for legal compliance
  • Contact form submissions: 2 years from the date of submission
  • Website analytics data: 26 months (anonymized after this period)

Your Rights

Depending on your location and applicable law, you have the following rights regarding your personal data:

Under GDPR

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or direct marketing
  • Right to Withdraw Consent: Withdraw previously given consent at any time

Under PDPA

  • Right of Access: Request access to and obtain a copy of your personal data
  • Right to Rectification: Request that we correct inaccurate personal data
  • Right to Erasure: Request deletion or de-identification of your data
  • Right to Restrict Processing: Request restriction of the use of your data
  • Right to Data Portability: Request transfer of your data to another controller
  • Right to Object: Object to the collection, use, or disclosure of your data

To exercise any of these rights, please contact us at privacy@sayamsystems.com. We will respond to your request within 30 days.

Cookies

Our website uses cookies and similar technologies to enhance your experience. For detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy.

International Data Transfers

Your personal data may be transferred to and processed in countries outside of Thailand or the European Economic Area. When we transfer data internationally, we ensure appropriate safeguards are in place, including standard contractual clauses or other legally recognized transfer mechanisms.

Data Protection Contact

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

  • Email: privacy@sayamsystems.com
  • SAYAM Systems Co., Ltd., Bangkok, Thailand

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically. If we make material changes, we will notify you through prominent notice on our website or by direct communication.