Privacy Policy

Instly Technologies (Instly Co Ltd) is registered in Thailand. We operate instlytechnologies.com and related products.

This notice is issued in accordance with Thailand's Personal Data Protection Act B.E. 2562 (2019) ("PDPA"). For privacy enquiries, contact our data protection contact at info@instlytechnologies.com.

Information you provide directly — name, email, company, job title, and any message content — when you contact us, request a demo or use our products.

Automatically collected technical data — IP address, browser type, device type, pages viewed, referring URL, timestamps, and cookie identifiers (see Cookies below).

We do not knowingly collect sensitive personal data as defined under Section 26 of the PDPA (e.g. race, religion, health, biometric data). Please do not submit such data to us.

We process personal data on the following PDPA legal bases:

• Contract — to respond to your enquiry, deliver our products and provide support.
• Legitimate interest — to operate, secure and improve our site and products, and to send relevant business communications to existing contacts.
• Consent — for non-essential cookies (analytics, marketing) and for direct marketing to new contacts. You may withdraw consent at any time.
• Legal obligation — where we must retain or disclose data to comply with Thai law.

Primary data storage is on Supabase infrastructure (EU region). Operational logs and analytics may be processed in the EU and the United States.

Retention periods:

• Contact and enquiry data — up to 24 months after last interaction.
• Customer account and contract data — for the duration of the relationship plus 10 years (Thai accounting and tax requirements).
• Server logs — up to 90 days.
• Analytics data — up to 14 months.
• Cookie consent records — up to 12 months, after which we ask again.

Some of our processors are located outside Thailand. Under Sections 28–29 of the PDPA, we transfer personal data only where the destination country provides adequate protection or where appropriate safeguards are in place (such as standard contractual clauses), or with your explicit consent.

Current cross-border destinations:

• European Union — Supabase (database, auth, storage). Recognised as adequate.
• United States — Anthropic (AI processing), Vercel (hosting/edge). Transferred under standard contractual clauses.

We use three categories of cookies:

• Strictly necessary — required for the site to function (e.g. recording your cookie choice). Always on; no consent required.
• Analytics — help us understand how visitors use the site. Set only with your consent.
• Marketing — support remarketing and campaign measurement. Set only with your consent.

Analytics and marketing cookies are not set until you actively accept them via the consent banner. You can change or withdraw your choice at any time by clearing site data in your browser or emailing us at info@instlytechnologies.com.

Subject to the conditions in the PDPA, you have the right to:

• Access your personal data and request a copy.
• Rectify inaccurate or incomplete data.
• Request erasure or anonymisation.
• Restrict processing.
• Object to processing, including for direct marketing.
• Data portability in a machine-readable format.
• Withdraw consent at any time, without affecting prior lawful processing.
• Lodge a complaint with the Office of the Personal Data Protection Committee (PDPC) of Thailand.

To exercise any of these rights, email info@instlytechnologies.com. We will respond within 30 days as required by the PDPA.

We apply reasonable administrative, technical and physical safeguards to protect personal data. In the event of a personal data breach that is likely to result in risk to affected individuals, we will notify the PDPC within 72 hours of becoming aware, and notify affected individuals where required by law.

We use Anthropic (AI processing), Supabase (data storage and authentication) and Vercel (hosting). Each operates under its own privacy policy and is engaged as a data processor where applicable.

We may update this policy. Material changes will be posted on this page with an updated effective date. Where required by the PDPA, we will request your consent again.

Instly Co Ltd, Thailand — info@instlytechnologies.com.