Privacy Policy
Effective Date: January 15, 2025
Who We Are
ForwardBoost operates as a specialized blockchain security audit and testing service based in Thailand. We help businesses understand and improve the security of their blockchain applications through comprehensive testing and analysis.
When you work with us, you're trusting us with important information about your project and business. This policy explains exactly how we handle that responsibility.
Information We Collect
The information we gather falls into several categories, depending on how you interact with our services:
- Contact details you provide when reaching out for consultations or services
- Technical information about your blockchain projects that you share during audits
- Communication records from our discussions and project work
- Website usage data when you visit our site, including basic analytics
- Business information relevant to understanding your security requirements
We never collect sensitive personal data unless it's directly necessary for providing our security services to you.
How We Use Your Information
Your information serves specific purposes in our work relationship. We use it to deliver the blockchain security services you've requested and to maintain our professional relationship with your business.
| Purpose | Information Used |
|---|---|
| Security audits and testing | Technical project data, communication records |
| Client communication | Contact information, project details |
| Service improvement | Feedback, usage patterns (anonymized) |
| Legal compliance | Business records as required by Thai law |
Data Protection and Security
Given our expertise in blockchain security, we apply rigorous protection measures to your data. We use industry-standard encryption for data storage and transmission, maintain secure development practices, and limit access to information on a need-to-know basis.
Our team members sign confidentiality agreements, and we regularly review our security procedures. However, like any security professional will tell you, no system is completely impervious to all risks.
If we ever discover a data security incident, we'll notify affected clients within 72 hours and take immediate steps to address the situation.
Sharing and Third Parties
We don't sell or rent your information to anyone. The only situations where we might share your data are:
- With specialized security tools or platforms necessary for conducting audits (under strict confidentiality terms)
- When legally required by Thai authorities or court orders
- With your explicit permission for specific business purposes
- In anonymized form for industry research or case studies (no identifying details included)
Any third-party services we use for business operations (like cloud storage or communication tools) are carefully vetted and bound by appropriate data protection agreements.
Your Rights and Control
You maintain significant control over your information throughout our business relationship. Here's what you can request from us:
- Access to see what information we have about you and your projects
- Corrections to any inaccurate information in our records
- Deletion of your data when it's no longer needed for business or legal purposes
- Restrictions on how we process certain types of information
- Copies of your data in a portable format
To exercise these rights, simply contact us using the information provided below. We'll respond within 30 days and work with you to address your request appropriately.
Data Retention
We keep your information only as long as necessary for business, legal, or contractual reasons. Typically, this means:
- Active project data: Duration of engagement plus 2 years
- Communication records: 3 years after project completion
- Financial records: 5 years (Thai tax law requirement)
- Website analytics: 2 years maximum
After these periods, we securely delete or anonymize information that's no longer needed. Some data might be retained longer if required by law or for legitimate business interests, but we'll always use the shortest reasonable timeframe.
International Data Transfers
While ForwardBoost is based in Thailand, some of our security tools and business services operate from servers in other countries. When your data crosses international boundaries, we ensure appropriate safeguards are in place.
This might include using services with adequate data protection certifications, implementing contractual protections, or choosing providers in countries with strong privacy frameworks.
Changes to This Policy
We review and update this privacy policy periodically to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we'll notify active clients directly and post the updated policy on our website.
Minor updates might be posted without individual notification, so we recommend checking this page occasionally if you're working with us regularly.
Questions About Your Privacy?
We're here to answer your privacy questions and help you understand how your information is protected when you work with ForwardBoost.