Privacy Policy

1. Introduction

Neuralforges ("we", "us", "our") is a legal practice registered and operating in Bangkok, Thailand, providing notarial services through qualified notarial services attorneys. In the course of our work, we collect and process personal data relating to the individuals and organisations who engage our services or contact us through this website.

This policy sets out what personal data we collect, how we use it, who we share it with, how long we retain it, and what rights individuals have in respect of their personal data. It applies to personal data collected via our website at neuralforges.com and in connection with any notarial engagement with our firm.

Our processing of personal data is governed primarily by Thailand's Personal Data Protection Act B.E. 2562 (PDPA). Where clients are located in the European Economic Area, we also take into account the applicable requirements of the General Data Protection Regulation (EU) 2016/679. Questions about this policy may be directed to [email protected].

2. Personal Data We Collect

We collect the following categories of personal data:

• Identity data: Full name, nationality, passport or identification card number, date of birth — collected in connection with identity verification required for all notarial acts.
• Contact data: Email address, telephone number, postal address — collected via enquiry forms, appointment scheduling, and engagement correspondence.
• Document data: Content of documents presented for notarial authentication, to the extent personal data appears in those documents.
• Corporate data: Company name, registration number, signatory authority details — for corporate engagement clients.
• Website usage data: IP address, browser type, pages visited — collected via cookies and analytics tools (see Section 5).

Legal basis for processing: Identity and document data are processed on the basis of contractual necessity and to comply with legal obligations applicable to notarial services attorneys in Thailand. Contact data submitted via website forms is processed on the basis of your consent. Website analytics data is processed where you have consented to analytics cookies.

Retention periods: Notarial register records and identity verification copies are retained for seven years from the date of the notarial act, in accordance with Lawyers Council requirements. Website enquiry data is retained for two years. Website analytics data is retained in accordance with our analytics provider's standard retention settings.

3. How We Use Personal Data

We use personal data for the following purposes:

• To perform identity verification required prior to any notarial act
• To prepare and issue notarial certifications and accompanying written records
• To communicate with clients about their engagement, including appointment arrangements and follow-up
• To respond to website enquiries
• To maintain our notarial register as required by the Lawyers Council of Thailand
• To comply with legal obligations, including any obligation to produce records to competent authorities
• To analyse website usage for the purposes of improving our website (analytics cookies only, where consent has been given)

We do not use personal data for direct marketing without separate consent. We do not use automated decision-making or profiling in connection with notarial engagements.

4. Data Sharing

We do not sell personal data. We share personal data only in the following circumstances:

• Professional advisers: Where required to complete an engagement, for example where we liaise with the Ministry of Foreign Affairs in connection with an apostille.
• Legal obligations: Where we are required by law, court order, or the Lawyers Council to disclose information.
• IT service providers: Our website hosting and analytics providers, who process data on our behalf under appropriate contractual arrangements.

Where data is transferred outside Thailand, we take steps to ensure that adequate protections are in place, including where relevant the standard contractual clauses adopted under the PDPA or other applicable frameworks.

5. Cookies

Our website uses cookies. Essential cookies are necessary for the site to function and are set automatically. Optional cookies — including analytics and preference cookies — are only placed if you consent via the cookie banner displayed on your first visit to our website. You may change your cookie preferences at any time by visiting our Cookie Policy page.

6. Data Security

We take reasonable technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, or destruction. These include:

• Physical security controls for paper records containing identification data
• Access controls limiting electronic records to authorised staff only
• Encrypted communication channels for data transmitted via our website
• Regular review of data handling practices

In the event of a personal data breach, we will take the steps required under the PDPA, including notification to the Personal Data Protection Committee and, where required, to affected individuals within the prescribed timeframes.

7. Your Rights

Under the PDPA, you have the following rights in respect of personal data we hold about you:

• Right to access: To request a copy of the personal data we hold about you.
• Right to rectification: To request correction of inaccurate personal data.
• Right to erasure: To request deletion of personal data where we no longer have a legal basis to retain it.
• Right to object: To object to processing based on legitimate interests.
• Right to withdraw consent: To withdraw consent for processing based on consent (including analytics cookies) at any time.
• Right to data portability: To request your personal data in a structured, commonly used format where processing is based on consent or contract.

To exercise any of these rights, write to us at [email protected]. We will respond within 30 days. Note that some rights may be limited where we are required to retain data under legal obligations, including the Lawyers Council's notarial register requirements.

You also have the right to lodge a complaint with the Personal Data Protection Committee of Thailand, which is the supervisory authority responsible for PDPA enforcement.

8. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of those websites and encourage you to review their privacy policies before providing any personal data to them.

9. Children's Privacy

Our services are intended for individuals aged 18 and over. We do not knowingly collect personal data from minors. If you believe that a minor has submitted personal data to us, please contact us at [email protected] and we will take steps to delete it.

10. Updates to This Policy

We may update this Privacy Policy from time to time. The revised policy will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically. Continued use of our website following any update constitutes acceptance of the revised policy.

11. Contact

For all privacy-related enquiries, including requests to exercise your rights under the PDPA: