Privacy Policy

1. Introduction

RiskCalcPro ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, share, and protect your information when you visit https://riskcalcpro.com.

This policy is designed to comply with:

• พระราชบัญญัติคุ้มครองข้อมูลส่วนบุคคล พ.ศ. 2562 (Thailand's Personal Data Protection Act, "PDPA")
• EU General Data Protection Regulation 2016/679 ("GDPR")
• UK Data Protection Act 2018
• California Consumer Privacy Act ("CCPA")

2. Who We Are (Data Controller)

RiskCalcPro is the data controller responsible for your personal data. For privacy-related inquiries, contact us via our Contact page.

3. Data We Collect

3.1 Data You Provide Directly

• Email address — only if you voluntarily subscribe to our newsletter
• Contact form data — name, email, message (if you contact us)
• Calculator inputs — these are processed entirely in your browser and are NEVER sent to our servers

3.2 Data Collected Automatically

• Technical data: IP address (anonymised), browser type, device type, operating system, screen resolution
• Usage data: pages visited, time on site, referrer URL, click patterns (aggregated)
• Cookies: see Section 6 below

We do NOT collect: full name (unless you provide it), passport / ID number, financial account details, payment information, location data beyond country, biometric data, or any sensitive personal data as defined under PDPA Section 26.

4. Why We Collect Data

• To operate and improve the Website
• To send newsletter emails (if you subscribed)
• To respond to your inquiries via the contact form
• To analyze aggregate traffic patterns (Google Analytics)
• To serve relevant ads (Google AdSense, only with your consent)
• To detect and prevent abuse, fraud, or security threats
• To comply with legal obligations

5. Legal Basis for Processing

6. Cookies & Tracking Technologies

A "cookie" is a small text file stored on your device. We use:

Essential Cookies (always active)

• Session cookies — to remember your cookie consent choice and language preference
• Local storage — to remember your preferences (e.g., default account size in calculators)

Analytics Cookies (only with your consent)

• Google Analytics 4 (GA4) — anonymized session tracking, page views, bounce rate
• IP addresses are anonymised before storage (last octet truncated)

Advertising Cookies (only with your consent)

• Google AdSense — to serve contextual and personalised ads
• You can opt out at Google Ad Settings

You can manage your cookie preferences at any time through our cookie banner or your browser settings. Declining non-essential cookies will not impact core calculator functionality.

7. Third-Party Services

We use the following third-party services that may collect data:

• Google Analytics — privacy policy: policies.google.com/privacy
• Google AdSense — privacy policy: policies.google.com/technologies/ads
• Cloudflare (CDN, security) — privacy policy: cloudflare.com/privacypolicy
• Google Fonts — privacy policy: policies.google.com/privacy

8. Data Sharing & International Transfers

We do NOT sell, rent, or trade your personal data to anyone.

We may share data with:

• Third-party service providers listed above (under strict data processing agreements)
• Law enforcement, when legally required (e.g., court order, valid government request)
• A successor entity in case of merger, acquisition, or asset sale (with notice to you)

International transfers: Some of our service providers (e.g., Google) may store data outside Thailand. We ensure such transfers comply with PDPA Section 28 (adequate protection or appropriate safeguards) and GDPR Chapter V.

9. Data Retention

• Newsletter subscriber emails: until you unsubscribe
• Contact form messages: 12 months, then deleted
• Analytics data: 14 months (Google default)
• Server logs: 30 days

10. Your Rights

To exercise any of these rights, please contact us. We will respond within 30 days as required by PDPA.

11. Security

We implement reasonable technical and organisational measures to protect your data, including:

• HTTPS/TLS encryption for all traffic
• HSTS headers
• Restricted access to subscriber data
• Regular security reviews

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but will notify affected users and the PDPC within 72 hours of discovering any data breach affecting personal data, as required by PDPA.

12. Children's Privacy

RiskCalcPro is not directed at individuals under 20 years of age (the age of majority in Thailand). We do not knowingly collect data from minors. If you believe a minor has provided us with personal data, please contact us for prompt deletion.

13. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via a notice on the Website at least 30 days before they take effect. Your continued use after the effective date constitutes acceptance of the updated policy.

14. Contact & Data Controller

Data Controller: Kornravit (independent individual operator, Thailand)
Privacy & PDPA inquiries: work.kornravit@gmail.com

For privacy questions, data subject requests under PDPA Section 30-37, or to exercise any of your rights:

• Contact form: riskcalcpro.com/contact
• Privacy email: work.kornravit@gmail.com
• Response time: We will respond within 30 days as required by PDPA Section 33.

Note: RiskCalcPro is a small independent operation. We do not currently have a formally appointed Data Protection Officer (DPO), as this is not required for operators of our scale under current PDPA guidelines. All privacy matters are handled with full diligence. If you are not satisfied with our response, please contact the PDPC directly.

If you are not satisfied with our response, you have the right to lodge a complaint with:

• Thailand: Office of the Personal Data Protection Committee (PDPC) — pdpc.or.th
• EU: Your local data protection authority
• UK: Information Commissioner's Office (ICO) — ico.org.uk