Privacy Policy
We know privacy matters. This policy explains how we handle your data when you work with Sparkly Lumora for performance testing and optimization services. We've written this in plain language because legal jargon helps no one.
Quick Contact for Privacy Questions
If something here doesn't make sense or you want to know more about your data, reach out directly:
Email: help@sparkly-lumora.com
Phone: +66 38 607 554
Address: 102 Ratana Uthit Soi 20 Rd, Hat Yai District, Songkhla 90110, Thailand
What Information We Collect
When you engage with us for performance testing services, we need certain information to do our job properly. Here's what we typically collect and why:
| Information Type | What We Collect | Why We Need It |
|---|---|---|
| Contact Details | Name, email, phone number, company name | To communicate about your project and send reports |
| Technical Information | Website URLs, server details, application specifications | To conduct performance testing on your systems |
| Usage Data | How you interact with our website and services | To improve our service delivery and user experience |
| Business Information | Company size, industry, specific performance concerns | To tailor our testing approach to your needs |
| Payment Information | Billing details, transaction records | To process payments and maintain financial records |
Important: We only collect information that's actually necessary for providing our services. If we don't need it, we don't ask for it.
How We Use Your Information
We're not in the business of selling data or sending spam. Your information serves specific purposes related to the services you've requested:
- Conducting performance tests and optimization work on your systems
- Communicating with you about project progress, findings, and recommendations
- Generating reports and documentation about test results
- Processing payments and maintaining accurate billing records
- Improving our testing methodologies based on aggregated insights
- Complying with legal requirements under Thai law and international standards
- Protecting our systems and yours from security threats
What We Don't Do
Just as important as what we do is what we don't do with your information:
- We don't sell your data to third parties
- We don't share client information with competitors
- We don't use your technical data for purposes outside your engagement
- We don't send marketing emails unless you've specifically opted in
Your Rights Under Thai Law
Thailand's Personal Data Protection Act (PDPA) gives you specific rights over your personal information. We respect these rights and have processes to help you exercise them.
Access Your Data
You can request a copy of all personal information we hold about you. We'll provide this within 30 days of your request.
Correct Inaccuracies
If information we hold about you is incorrect or outdated, you can ask us to update it. We'll make corrections promptly.
Delete Your Data
You can request deletion of your personal information, subject to legal retention requirements for business records.
Restrict Processing
You can ask us to limit how we use your data while we investigate a concern you've raised about accuracy or usage.
Data Portability
You can receive your data in a structured, commonly used format to transfer to another service provider if you choose.
Object to Processing
You can object to certain types of data processing, particularly for marketing purposes or automated decision-making.
To exercise any of these rights, send an email to help@sparkly-lumora.com with "Data Rights Request" in the subject line. We'll respond within 30 days with either the information you requested or an explanation if we can't fulfill the request.
How We Protect Your Information
Performance testing often involves access to sensitive technical information. We take security seriously because your trust depends on it.
Security Measures We've Implemented
Encryption
All data transmitted between you and our systems uses TLS 1.3 encryption. Data at rest is encrypted using AES-256 standards.
Access Controls
Only team members working directly on your project can access your information. We use role-based access control and multi-factor authentication.
Secure Infrastructure
Our systems are hosted in secure data centers with physical security, redundant systems, and regular security audits.
Regular Testing
We conduct quarterly security assessments and penetration testing on our own systems. Yes, we test the testers.
Employee Training
Our team receives ongoing training on data protection, security best practices, and confidentiality requirements.
Incident Response
We have documented procedures for responding to any security incidents, including immediate notification to affected clients.
Reality Check: No system is 100% secure. We implement industry-standard protections and stay current with security best practices, but we can't guarantee absolute security. What we can guarantee is that we take it seriously and will notify you promptly if any breach affects your data.
Data Retention and Deletion
We don't keep your information forever. Here's how long we retain different types of data and why:
Active Project Data
While we're working on your project, we keep all relevant information readily accessible. This includes technical data, test results, communications, and documentation.
Completed Project Archives
After a project concludes, we retain essential records for 7 years to comply with Thai business law requirements. This includes contracts, invoices, and final reports. Detailed technical data and test logs are typically deleted after 2 years unless you request longer retention.
Marketing and Communications
If you've opted into marketing communications, we keep your contact preferences until you unsubscribe. You can opt out anytime by clicking the unsubscribe link in emails or contacting us directly.
Requesting Early Deletion
You can request deletion of your data before these retention periods expire. We'll honor such requests except where we're legally required to maintain records for tax, legal, or regulatory purposes. If we can't delete everything immediately, we'll explain exactly what must be retained and for how long.
Sharing and Third Parties
We share your information only when necessary for service delivery or legal compliance. Here's the complete picture:
Service Providers We Work With
- Cloud Infrastructure: We use secure cloud hosting providers for our testing infrastructure and data storage
- Payment Processing: Financial transactions are processed through certified payment providers who maintain their own security standards
- Communication Tools: Email and project management platforms help us collaborate with you effectively
- Analytics Services: We use analytics tools to understand how visitors use our website, but this data is anonymized
All third-party service providers are contractually bound to protect your data and use it only for the specific purposes we've authorized. We vet our partners carefully and only work with companies that meet our security standards.
Legal Requirements
We may disclose information if required by Thai law, court order, or government regulation. If this happens, we'll notify you unless legally prohibited from doing so.
Business Transfers
If Sparkly Lumora is acquired or merged with another company, your information would be transferred to the new entity. We'd notify you of any such change and how it affects your data.
International Data Transfers
Our primary operations are in Thailand, but performance testing sometimes involves international collaboration or infrastructure. If your data is transferred outside Thailand, we ensure appropriate safeguards:
- We only transfer data to countries with adequate data protection laws or under specific legal frameworks
- Contractual agreements with international partners include data protection clauses
- Technical measures like encryption protect data during transfer and storage
- You can request information about where your specific data is stored at any time
For clients in the European Union or other regions with specific data protection requirements, we can implement additional safeguards as needed.
Cookies and Tracking
Our website uses cookies to function properly and improve your experience. Here's what you should know:
Essential Cookies
These are necessary for the website to work. They enable basic functions like page navigation, secure access to restricted areas, and form submissions. You can't opt out of these without losing functionality.
Analytics Cookies
We use these to understand how visitors interact with our website. This helps us identify confusing navigation, slow-loading pages, and opportunities to improve. The data is aggregated and anonymous.
Managing Cookie Preferences
Most browsers let you control cookies through settings. You can refuse cookies, delete existing ones, or receive notifications when new cookies are set. Keep in mind that disabling cookies may affect site functionality.
Children's Privacy
Our services are designed for businesses and professional users. We don't knowingly collect information from individuals under 18 years of age. If we discover we've inadvertently collected such information, we'll delete it promptly.
Changes to This Policy
We update this privacy policy occasionally to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we'll notify you by email or through a prominent notice on our website.
The "Last Updated" date at the top shows when the current version took effect. We recommend reviewing this policy periodically, especially if you're a long-term client.
If changes affect how we handle information we've already collected, we'll seek your consent before applying the new practices to your existing data.