Starter layout boilerplate—you should retain counsel familiar with Thai PDPA nuances before relying on it.
Last updated: May 2026
Use the headings below as a modular outline your legal team can replace with negotiated language.
This policy outlines how Air Commerce treats information you submit on our site or during demo scheduling conversations.
It is starter draft wording for layout only—not legal advice. Contact info@air-commerce.com for practical questions.
For enquiries submitted via this website—unless another agreement says differently—we treat Air Commerce as the controller of that enquiry data.
Once you onboard as a SaaS subscriber, contractual documents should explain when you remain controller over end‑customer datasets and when we operate as processor for specific flows.
We do not sell contact lists for generic marketing. Vendors assisting with hosting, email delivery, ticketing, CRM, security, or analytics process data strictly under confidentiality and contractual safeguards tailored to each service.
We keep records long enough for the stated purposes and lawful obligations, after which data is erased, aggregated, anonymised, or restricted as permitted.
Administrative and technical safeguards reduce the risk of unauthorised access, alteration, or loss—but no transmission or storage mechanism is flawless, which your counsel should caveat for your jurisdiction.
We may leverage cookies/session storage consistent with UX or analytics tooling you approve. Dedicated cookie disclosures can supersede these bullets.
Hosting or failover regions may reside outside Thailand. Appropriate transfer mechanisms described in onboarding paperwork should prevail over this scaffold.
Meaningful changes will appear on-site (and sometimes email notices). The refreshed “last updated” label should accompany each revision.
Privacy questions referencing this scaffold: info@air-commerce.com.