NeuronLightA - Professional Investment Analysis & Strategic Finance Education

Overview and Commitment

At NeuronLightA, we understand that your financial information requires the highest level of protection. This privacy policy explains how we collect, use, store, and safeguard your personal data when you access our investment analysis platform and financial advisory services.

Our commitment extends beyond mere compliance. We've built our data handling practices around the principle that your information belongs to you, and we're simply trusted custodians helping you make better investment decisions.

This policy was last updated in January 2025 and applies to all services provided through neuronlighta.com and our related platforms serving clients in Thailand and internationally.

Information We Collect

We collect different types of information to provide you with personalized investment analysis and maintain the security of our platform. Here's exactly what we gather and why:

Account Information

Name, email address, phone number, and authentication credentials needed to create and secure your account. We also store your communication preferences and timezone settings.

Financial Profile Data

Investment experience level, risk tolerance, financial goals, and portfolio preferences. This helps us provide relevant analysis and recommendations tailored to your situation.

Platform Usage Analytics

How you navigate our platform, which analysis tools you use most, and time spent on different features. This data helps us improve user experience and develop better tools.

Device and Technical Information

IP address, browser type, device identifiers, and security logs. We use this information to protect your account and ensure platform compatibility across different devices.

Information We Don't Collect

We never request or store your actual brokerage account passwords, social security numbers, or complete bank account details. Our analysis tools work with aggregated market data, not your personal trading positions unless you specifically choose to share them.

How We Use Your Information

Every piece of data we collect serves a specific purpose in improving your experience with our investment analysis platform:

Providing personalized investment analysis based on your risk profile and financial objectives
Sending relevant market insights and analysis reports that match your investment interests
Maintaining platform security through fraud detection and account protection measures
Improving our analytical algorithms and developing new features based on user behavior patterns
Communicating important account updates, security alerts, and service announcements
Complying with financial regulations and maintaining required records for audit purposes

Marketing Communications

We only send marketing emails about new features, market analysis, or educational content if you've explicitly opted in. You can unsubscribe anytime, and we'll still send essential account-related communications.

Data Sharing and Third Parties

We maintain strict control over your personal information and never sell your data to marketing companies or data brokers. However, we do share limited information in these specific circumstances:

Essential Service Providers

Cloud hosting services (AWS Thailand), email delivery platforms, and payment processors receive only the minimum data necessary to provide their services. All providers sign comprehensive data processing agreements ensuring your information remains protected.

Financial Data Sources

To provide accurate market analysis, we partner with established financial data providers like Bloomberg and Refinitiv. We share anonymized usage patterns to maintain our data licensing agreements, but never your personal information.

Legal Requirements

Thai regulatory authorities may require access to certain records during audits or investigations. We comply with valid legal requests while protecting your privacy to the fullest extent permitted by law.

Business Transfers

In the unlikely event NeuronLightA is acquired or merges with another company, your data would transfer to the new entity. We would notify you at least 30 days before any such change and provide options for data deletion if desired.

Your Privacy Rights

Rights Under Thai Personal Data Protection Act

As a Thailand-based service, we comply fully with the Personal Data Protection Act (PDPA). You have comprehensive rights regarding your personal information, and we've made exercising these rights straightforward.

Access and Portability

Request a complete copy of all personal data we hold about you in a structured, machine-readable format. We typically fulfill these requests within 7 business days and provide data in CSV or JSON format for easy portability.

Correction and Updates

Update incorrect information directly through your account settings, or contact our privacy team for more complex corrections. We maintain audit logs of all changes for security purposes.

Deletion Rights

Request complete deletion of your account and associated data. We'll permanently remove all information within 30 days, except records we're legally required to retain for financial compliance purposes.

Processing Restrictions

Limit how we process your information while keeping your account active. For example, you can opt out of analytical profiling while still receiving essential security communications.

Objection Rights

Object to specific types of data processing, particularly for marketing or analytical purposes. We'll immediately stop the processing unless we have compelling legitimate grounds to continue.

How to Exercise Your Rights

Email our privacy team at privacy@neuronlighta.com with your request. We'll verify your identity and respond within the timeframes required by Thai law. There's no charge for most requests, though we may charge reasonable fees for excessive or repetitive requests.

Data Security Measures

Protecting your financial information requires multiple layers of security. We've implemented enterprise-grade protections that meet or exceed industry standards for financial services.

Encryption and Access Controls

All data transmissions use TLS 1.3 encryption, and stored data is encrypted using AES-256 encryption keys managed through AWS Key Management Service. Employee access follows strict need-to-know principles with multi-factor authentication required for all systems.

Infrastructure Security

Our servers operate in ISO 27001 certified data centers with 24/7 monitoring, redundant power systems, and biometric access controls. We maintain separate production and development environments to prevent accidental data exposure.

Regular Security Audits

Quarterly penetration testing by certified security firms, annual third-party compliance audits, and continuous vulnerability scanning. We also participate in responsible disclosure programs and maintain a security incident response plan.

Employee Training

All team members complete mandatory privacy and security training every six months, with additional specialized training for employees handling sensitive financial data. We conduct regular phishing simulations and security awareness updates.

Data Retention and Deletion

We keep your information only as long as necessary to provide our services and meet legal obligations. Here are our specific retention periods:

Active

Active Account Period

While your account remains active, we retain all data necessary to provide our investment analysis services and maintain your preferences and historical usage patterns.

12 Mo

Inactive Account Grace Period

After 12 months of inactivity, we'll email you about account closure. Your data remains fully accessible during this period if you choose to return to our platform.

30 Days

Deletion Process

Following account closure or deletion request, we permanently remove personal data within 30 days. Some anonymized usage statistics may be retained for service improvement.

7 Years

Compliance Records

Financial regulations require us to maintain certain transaction and communication records for seven years. These contain minimal personal information and are stored separately from active systems.

International Data Transfers

While our primary operations are based in Thailand, some of our technology partners operate globally. When your data crosses borders, we ensure it receives the same level of protection.

Transfer Safeguards

All international transfers rely on adequacy decisions, Standard Contractual Clauses approved by relevant authorities, or other legally recognized transfer mechanisms. We regularly review these arrangements to ensure continued compliance with Thai and international privacy laws.

Data Localization

Core financial profile data and analysis results remain stored on servers within Thailand. Only technical infrastructure data and encrypted backups are transferred internationally, and only to jurisdictions with adequate data protection laws.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our platform. Most are essential for security and functionality, while others help us understand how to improve our services.

Essential Cookies

Required for login authentication, session management, and security features. These cannot be disabled without significantly impacting platform functionality.

Analytics Cookies

Help us understand which features are most valuable and identify areas for improvement. You can opt out of these through your account preferences or browser settings.

Preference Cookies

Remember your dashboard layout, notification settings, and display preferences to provide a consistent experience across visits.

We don't use advertising cookies or participate in cross-site tracking networks. Our analytics focus purely on improving the investment analysis experience for our users.

Children's Privacy

NeuronLightA's investment analysis platform is designed for adults and requires users to be at least 18 years old. We don't knowingly collect personal information from minors.

If you believe we've inadvertently collected information from someone under 18, please contact us immediately. We'll investigate and delete any such information promptly.

Privacy Policy Updates

We review and update this privacy policy annually or when significant changes occur to our data practices. We'll always notify you before implementing changes that affect how we handle your personal information.

Notification Process

Major changes will be communicated via email at least 30 days before taking effect. Minor clarifications or updates to contact information may be posted on our platform with immediate effect.

Version History

Previous versions of this policy remain available through our legal documentation archive. You can request copies of earlier versions to understand how our practices have evolved over time.