Privacy Notice

Blue Eagle Eye Company Limited (“Blue Eagle Eye”, “BEE”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Notice explains how we collect, use, disclose, retain, and protect personal data obtained through our website (www.blueeagleeye.com) and related business communications, in strict accordance with the Thailand Personal Data Protection Act B.E. 2562 (PDPA).

This Privacy Notice applies to visitors, individuals who contact us through our website, submit a research enquiry, subscribe to receive research insights, or communicate with us through any channels displayed on our website.

1. Who We Are

Blue Eagle Eye Company Limited is a market research, customer insight, analytics, and strategic consulting company serving organizations in Thailand and Southeast Asia.

• Company: Blue Eagle Eye Company Limited
• Website: www.blueeagleeye.com
• Email: san@blueeagleeye.com
• Telephone: +66 92-593-9898
• Address: 2823/3 Room 222, Charoenkrung Road, Bang Kho Laem, Bang Kho Laem District, Bangkok 10120, Thailand

For any questions regarding this Privacy Notice or your personal data rights, please contact our privacy representative at: san@blueeagleeye.com.

2. Personal Data We Collect

We collect personal data that you voluntarily provide to us, as well as technical and behavioral data automatically generated during your visit through tracking technologies.

2.1 Research Enquiry and Contact Forms

When you submit an enquiry, we may collect: Full name, company name, work email address, telephone number, country/region, type of research needed, your specific business questions or project requirements, and your preference to receive insights.

• Legal Basis & Webflow Processing: This data is processed through Webflow Forms and transmitted via secure email notifications. The processing is necessary to take steps at your request prior to entering into a potential contract (Contractual Basis) and serves our Legitimate Interests in responding effectively to business enquiries.

2.2 Research Insights Subscription

When you subscribe to receive our updates, we collect your email address and subscription preferences.

• Legal Basis: We rely strictly on your explicit Consent.

2.3 Direct Communications

If you reach out via email, telephone, LINE, LinkedIn, or other channels, we collect any contact information and message contents you provide under our Legitimate Interests to manage business relationships.

2.4 Website Technical Information & Tracking Technologies

To optimize your browsing experience, manage website tags, analyze performance, and deliver relevant advertisements, we utilize cookies, pixels, and web beacons. We collect:

• Technical Data: IP address, browser type and version, time zone setting, operating system, and platform.
• Usage Data: Information about how you use our website, pages visited, click patterns, and time spent.
• Tracking Tools Implemented: We use Google Tag Manager to deploy and manage tracking scripts. Through this, we utilize Google Analytics for web traffic analysis, alongside Meta Pixel and LinkedIn Insight Tag for conversion tracking and targeted advertising.
• Legal Basis: Necessary cookies are deployed under Legitimate Interests. Performance, analytics, and marketing tracking technologies (Google Analytics, Meta Pixel, and LinkedIn Insight Tag) are deployed only if you provide explicit consent via our Cookie Consent Banner (Consent Basis).

4. Cookies and Advertising Tags Management

Apart from strictly necessary cookies required for system stability, you have the absolute right to choose whether to accept analytics or marketing tags. You can adjust your preferences at any time via the Cookie Settings banner link on our website. Alternatively, you can modify your internet browser settings to block or delete cookies entirely, or utilize opt-out tools provided directly by Google, Meta, and LinkedIn.

Please note that disabling certain cookies or withdrawing consent for specific tags may affect the functionality, measurement accuracy, and tailored experience of our website.

5. Disclosure of Personal Data

We share your data only with trusted third-party service providers who act as our Data Processors to assist us in operating our business and providing services:

1. Internal Personnel: Authorized BEE team members who handle client relationships and research analysis.
2. Webflow, Inc.: Our website platform provider, hosting infrastructure, and form processor.
3. Communication & Cloud CRM Providers: Secure cloud email and productivity suites (e.g., Google Workspace) and Customer Relationship Management (CRM) platforms used for secure business communication and contact record management.
4. Analytics & Advertising Partners: Google LLC, Meta Platforms, Inc., and LinkedIn Corporation (subject strictly to your explicit cookie and tag consent).
5. Legal Authorities: Regulators, public authorities, or professional advisers where strictly required by applicable law.

We do not sell your personal data, nor do we share enquiry details with regional partners in Southeast Asia without informing you separately for a specific project engagement.

6. International Transfers (Cross-Border Data Transfer)

Because our website platform provider (Webflow, Inc.), tag management, analytics, and cloud service providers store and process data globally (predominantly in the United States, Europe, and other regions outside Thailand), your personal data will be transferred internationally.

To safeguard your information under Articles 28 and 29 of the PDPA, we ensure that all overseas data transfers are protected by appropriate technical, organizational, and contractual safeguards. This includes binding Data Processing Addendums (DPA) and Standard Contractual Clauses (SCCs) executed with our global providers (such as Webflow, Google, Meta, and LinkedIn) to guarantee a level of data protection equivalent to Thailand's PDPA standards.

7. Data Retention

We retain data only for as long as necessary for the purposes outlined in Section 3, or to comply with corporate statutory obligations:

• Enquiry Data (No project finalized): Retained securely within our Webflow forms database and internal communications for up to 2 years from the date of the last communication before permanent deletion.
• Client Project Data: For the duration of our business relationship and an additional 10 years following the completion of the project, in accordance with applicable civil, commercial, and tax statutes of limitation.
• Subscription Data: Kept securely until you choose to unsubscribe or withdraw your consent.
• Cookie & Tracking Tag Data: Analytics and marketing identifiers captured via Google, Meta, and LinkedIn are retained for a maximum period of 14 months from your last visit before automatic deletion, unless you clear them manually or withdraw your consent sooner.

8. Data Security and Breach Notification

We implement appropriate technical, physical, and organizational security measures to prevent unauthorized access, alteration, disclosure, loss, or destruction of your personal data.

• Webflow & Transfer Security: All data submitted via our website forms is protected using industry-standard Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption during transit and is stored utilizing Encryption-at-Rest on secure cloud infrastructure.
• Access Control: Access to your personal data is strictly restricted to employees and verified service providers who require the information to perform a specific job function.
• Data Breach Notification: In the highly unlikely event of a personal data breach that poses a high risk to your rights and freedoms, Blue Eagle Eye will notify you of the incident along with actionable remediation guidelines without undue delay. Furthermore, we will formally report the breach to the Office of the Personal Data Protection Committee (PDPC) within 72 hours of becoming aware of the incident, in strict compliance with legal requirements.

9. Your Rights as a Data Subject

Under the Thailand PDPA, you possess the following legal rights regarding your personal data:

• Right to withdraw consent (for tracking technologies and insights subscriptions)
• Right to request access to and obtain a copy of your personal data
• Right to data portability (transferring data to another controller in a machine-readable format)
• Right to object to the processing of your data (including profiling for marketing)
• Right to request erasure, destruction, or permanent anonymization
• Right to request restriction of processing
• Right to request correction of inaccurate or incomplete data
• Right to lodge a complaint with the official PDPC authority

Timeline for Response: We will respond to and execute your valid statutory requests within thirty (30) days from the date we receive your complete request and successfully verify your identity. To exercise any of your rights, please submit your request to san@blueeagleeye.com.

10. Third-Party Links

Our website features links to external services and professional networks such as LinkedIn, LINE, or Google Maps. We hold no responsibility for the independent privacy protocols, data collection practices, or cookie mechanisms of third-party platforms. We highly recommend reviewing their respective privacy notices before engaging or providing personal data through their platforms.

11. Updates to This Privacy Notice

We will update this Privacy Notice from time to time to mirror updates in our cookie usages, analytics configurations, advertising tag deployments, or legal guidelines under the PDPA. Any updated version will display a revised “Last updated” date at the very top of this page.