Privacy Policy

1. Scope

• - This policy applies to Gumon public website usage and related pages.
• - It does not cover third-party services linked from this website, such as external documentation or social media.
• - The data controller under this policy is Gumon Technology Co., Ltd. (registration no. 0405566007844).

2. Data We Collect

• - Information you provide directly: name, email, phone, topic, and details sent through contact forms.
• - Technical data: visited URLs, access time, referrer, and device type.
• - Cookie and analytics/marketing data (where consent is required), including tools such as Google Analytics or Google Tag Manager.

3. Purposes of Processing

• - To respond to inquiries and assess initial project requirements from Contact submissions.
• - To analyze website usage and channel performance at an aggregate level.
• - To protect platform security, detect abnormal usage, and maintain service quality.
• - To improve services and content related to the Gumon platform.

4. Legal Bases

• - User consent where consent is required.
• - Necessity to provide requested information or support through contact channels.
• - Legitimate interests in security and service quality improvement.

5. Data Sharing

• - We do not sell personal data.
• - At present, Gumon Technology is the sole data controller for this website.
• - As of this policy date, we do not routinely transfer contact data to affiliates or external processors for business operations.
• - If external processors or group sharing are introduced in the future, we will update this policy before activation.
• - Any disclosure is limited to what is necessary for stated purposes or required by law.

6. Cross-border Data Transfers

Gumon does not currently perform routine international transfers of personal data to other entities. Since the website is globally accessible, if cross-border transfer becomes necessary in the future, we will apply appropriate safeguards and update this policy in advance.

7. Retention Periods

• - Contact form and coordination email data: typically up to 24 months after the latest contact.
• - Security logs: typically 6-12 months.
• - Cookie and analytics data: based on tool settings and user consent choices.
• - After retention purposes are fulfilled, data is deleted or anonymized.
• - You may request earlier deletion via data@gumon.io.

8. Data Security

We apply appropriate technical and organizational safeguards to protect against unauthorized access, disclosure, or modification.

9. Data Subject Rights

• - You may request access, correction, deletion, objection, or restriction of processing in accordance with applicable law.
• - Submit requests to data@gumon.io (recommended email subject prefix: [DSAR]).
• - We generally acknowledge requests within 72 hours and complete handling within legal timelines.

10. Children and Sensitive Data

This website is not designed to intentionally collect children's personal data and is not intended for direct sensitive data collection. If such data is submitted unintentionally, please contact us for removal.

11. Regulatory Complaints

If you believe we do not comply with applicable data protection laws, you may lodge a complaint with the relevant supervisory authority in your jurisdiction.

12. Policy Updates

We may update this policy from time to time and will display the latest update date on this page.

13. Contact

• - Privacy and data rights inquiries: data@gumon.io
• - Responsible team: Data Governance & Privacy Office
• - Contact name and address: Gumon Technology Co., Ltd., 33/4 Moo 11, The Nine Towers, Tower A, Floor 35, Rama 9 Road, Huai Khwang, Bangkok 10310, Thailand