B Bridgora Contact Us
Legal

Privacy Policy

This policy explains how Bridgora collects, uses, and protects personal information provided through our website and in connection with our advisory services. We handle personal data with care and do not share it with third parties except as described below.

Last updated: 10 April 2025  ·  Effective: 10 April 2025

1. Introduction

Bridgora ("we", "us", "our") is a cross-cultural business advisory firm registered in Thailand and operating from Bangkok. This Privacy Policy applies to personal information collected through bridgora.biz and through the course of delivering our advisory services.

We are committed to handling personal data responsibly, in accordance with Thailand's Personal Data Protection Act B.E. 2562 (PDPA) and, where applicable to our international clients, with reference to the principles of the EU General Data Protection Regulation (GDPR).

By using our website or engaging our services, you acknowledge that you have read this policy. Questions can be directed to [email protected].

2. Personal Data We Collect

What we collect

  • Name and job title, provided through the contact form or during service delivery
  • Business email address and, where provided, a telephone number
  • Company name and the markets or topics you are working on, as shared in correspondence
  • Technical data: IP address, browser type, pages visited, and session duration, collected automatically through analytics tools
  • Cookie preference data, stored locally in your browser

How it is collected

  • Directly from you, through the website contact form or email correspondence
  • Automatically, through analytics and session tracking on the website
  • Through the course of an advisory engagement, in interviews and workshop sessions

Legal basis for processing

  • Consent — for marketing communications and non-essential cookie usage
  • Contract performance — for data necessary to deliver a service you have engaged us for
  • Legitimate interests — for improving our services and responding to enquiries

Data retention

Contact enquiries and correspondence are retained for up to three years from the date of last contact. Engagement records — interview notes, workshop records, briefing packs — are retained for five years from the completion of the engagement and then securely deleted. Analytics data is retained in aggregate form only, with no individual identification after 14 months.

3. How We Use Personal Data

Service delivery

Personal data provided in connection with an advisory engagement is used solely to prepare and deliver the programme you have engaged us for — interviews, workshop preparation, written briefing documents, and follow-up correspondence.

Responding to enquiries

Contact form submissions are used to respond to your enquiry. We do not add you to any mailing list on the basis of a contact form submission alone.

Marketing communications

We do not send marketing emails unless you have explicitly opted in. You can withdraw consent at any time by writing to [email protected].

Website analytics

Aggregated, anonymised data about how visitors use our website is used to improve its content and structure. No individually identifiable profiles are built from this data.

Third-party data sharing

  • We do not sell personal data to any third party
  • We may share data with service providers who process it on our behalf — for example, website hosting and analytics providers — under data processing agreements that restrict their use of the data
  • We may disclose data where required by Thai law or a competent authority

4. Data Protection Measures

We take reasonable technical and organisational steps to protect personal data against unauthorised access, disclosure, or loss.

  • Our website is served over HTTPS with TLS encryption in transit
  • Access to personal data held in our systems is restricted to personnel who need it for service delivery
  • Engagement documents containing personal or commercially sensitive information are stored in access-controlled systems and not transmitted via unencrypted channels
  • In the event of a data breach affecting your personal data, we will notify you without undue delay where required by applicable law
  • We review our data security practices periodically and update them in line with current standards

5. Cookies

Our website uses cookies to support basic functionality and, with your consent, to collect analytics data about how the site is used. The categories of cookies we use are:

  • Essential cookies — required for the website to function. These cannot be disabled.
  • Analytics cookies — used to understand how visitors navigate the site. Active only with your consent.
  • Preference cookies — used to remember your cookie consent choice.

You can review and update your cookie preferences at any time on our Cookie Policy page.

6. Your Rights

Under the Thailand PDPA and, where applicable, the GDPR, you have the following rights regarding your personal data:

  • Access — you may request a copy of the personal data we hold about you
  • Rectification — you may request that inaccurate data be corrected
  • Erasure — you may request deletion of your personal data where there is no legal basis for continued retention
  • Data portability — where technically feasible, you may request your data in a machine-readable format
  • Object to processing — you may object to processing based on legitimate interests
  • Withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, write to [email protected]. We will respond within 30 days. If you are an EU resident and believe your rights have not been upheld, you may lodge a complaint with your national data protection authority. For Thailand-based complaints, the relevant body is the Personal Data Protection Committee (PDPC).

7. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of those sites and recommend that you review their privacy policies before submitting personal data to them. The presence of a link does not constitute an endorsement.

8. Children's Privacy

Our services are directed at business professionals and are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has submitted personal data through our website, please contact us at [email protected] and we will delete it promptly.

9. Policy Updates

We may update this policy from time to time to reflect changes in our practices or applicable law. The updated policy will be published on this page with a revised "Last updated" date. Where changes are material, we will make reasonable efforts to notify active clients directly. Continued use of the website after an update constitutes acceptance of the revised policy.

10. Contact

Bridgora is the data controller for personal data collected through this website and in connection with our advisory services.

  • Business name: Bridgora
  • Address: 188 Surawong Road, Khwaeng Si Phraya, Khet Bang Rak, Bangkok 10500, Thailand
  • Data enquiries: [email protected]
  • General enquiries: [email protected]

We aim to respond to all data-related enquiries within 30 calendar days of receipt.