AI-Driven Expense Categorization | Digital Flow Max Connect

Introduction

At Digital Flow Max Connect, we understand that your financial data represents more than just numbers—it's your business story, your hard work, and your future plans. This privacy policy explains how we collect, use, protect, and share your personal information when you use our AI-driven expense categorization services.

We operate under Thailand's Personal Data Protection Act (PDPA) B.E. 2562 (2019) and maintain compliance with international privacy standards. Our commitment extends beyond legal requirements to genuine respect for your privacy rights and data security.

Important Notice

By using our services at digitalflowmaxconnect.com, you acknowledge that you have read, understood, and agree to the practices described in this privacy policy. If you disagree with any part of this policy, please discontinue use of our services.

Information We Collect

Our AI expense categorization system requires specific types of data to function effectively. We collect information in several ways, always with transparency about what we're gathering and why.

Financial Transaction Data

Transaction amounts, dates, merchant names, payment methods, and existing category labels from your accounting software or bank feeds. This data trains our AI to understand your business patterns.

Account Information

Your name, email address, company details, billing information, and service preferences. We use this to manage your account and provide personalized support.

Usage Analytics

How you interact with our platform, feature usage patterns, session duration, and system performance metrics. This helps us improve our service quality.

Technical Information

IP addresses, browser types, device information, and access logs. We collect this for security monitoring and technical troubleshooting purposes.

Data Collection Methods

Direct uploads through our secure platform interface
API connections with your existing accounting software
Bank feed integrations with proper authorization
Manual data entry through our web application
Customer support interactions and communications

How We Use Your Information

Your data serves specific purposes in delivering our AI expense categorization service. We don't use your information for unrelated activities or share it for marketing purposes without explicit consent.

Primary Service Functions

Training our AI algorithms to recognize and categorize your business expenses accurately
Generating expense reports and financial summaries based on categorized data
Providing insights and recommendations for expense management optimization
Synchronizing categorized data back to your accounting software systems
Maintaining audit trails and transaction history for compliance purposes

Account Management

Processing payments and managing subscription billing cycles
Providing customer support and technical assistance when requested
Sending service updates, security notifications, and important account information
Customizing your dashboard and user experience preferences

AI Model Training

We use aggregated, anonymized transaction patterns to improve our AI categorization accuracy. Your specific business details are never shared, but general spending patterns help our system better recognize similar transactions for all users.

Data Sharing and Disclosure

We maintain strict controls over data sharing. Your financial information stays within our secure systems except for specific, limited circumstances outlined below.

Service Providers

We work with carefully vetted third-party services that help us deliver our platform. These include cloud hosting providers, payment processors, and security monitoring services. All service providers sign comprehensive data protection agreements and can only access data necessary for their specific functions.

Legal Requirements

We may disclose your information when required by Thai law, court orders, or government regulations. This includes compliance with tax authorities, anti-money laundering investigations, or other lawful requests from authorized agencies.

Business Transfers

If Digital Flow Max Connect is acquired, merges with another company, or undergoes significant business restructuring, your data may transfer to the new entity. You would receive advance notice of any such changes with options to delete your data beforehand.

What We Never Share

We never sell your personal data to third parties for marketing purposes. We don't share your transaction details with competitors, advertising networks, or data brokers. Your financial information remains confidential and is used solely for providing our categorization services.

Your Privacy Rights

Under Thailand's PDPA and our commitment to data transparency, you have comprehensive rights regarding your personal information. We've designed straightforward processes to help you exercise these rights.

Access Rights

Request copies of all personal data we hold about you, including transaction histories, account information, and processing logs.

Correction Rights

Update or correct inaccurate information in your account, including business details, contact information, and categorization preferences.

Deletion Rights

Request complete deletion of your account and associated data, subject to legal retention requirements and active service obligations.

Processing Restrictions

Limit how we process your data in specific circumstances, such as during dispute resolution or account verification processes.

Data Portability

Receive your data in commonly used formats that allow transfer to other service providers or personal storage systems.

Objection Rights

Object to specific data processing activities, particularly those not directly related to providing our core categorization services.

How to Exercise Your Rights

Contact our privacy team at info@digitalflowmaxconnect.com with your specific request. We typically respond within 7 business days for simple requests and within 30 days for complex data access requests. Include your account email and specific details about what information you're seeking or what changes you want to make.

Data Security

Financial data requires exceptional security measures. We implement multiple layers of protection to safeguard your information against unauthorized access, data breaches, and system vulnerabilities.

Technical Safeguards

AES-256 encryption for data at rest and TLS 1.3 for data in transit
Multi-factor authentication requirements for all account access
Regular security audits and penetration testing by independent firms
Automated backup systems with encrypted off-site storage
Network monitoring and intrusion detection systems
Role-based access controls limiting employee data access

Organizational Security

Employee background checks and security training programs
Confidentiality agreements for all team members and contractors
Incident response procedures for potential security breaches
Regular security policy updates and compliance monitoring
Physical security measures for data center facilities

Security Incident Response

In the unlikely event of a security breach affecting your data, we will notify you within 72 hours via email and provide detailed information about what happened, what data was involved, and what steps we're taking to resolve the issue.

Data Retention

We retain your data only as long as necessary to provide our services and meet legal obligations. Different types of data have different retention periods based on their purpose and legal requirements.

Retention Periods

Active account data: Retained while your subscription remains active
Transaction data: Retained for 7 years after account closure for audit purposes
Billing records: Retained for 10 years as required by Thai accounting regulations
Support communications: Retained for 3 years after last contact
System logs: Retained for 2 years for security monitoring purposes
Marketing communications: Deleted immediately upon unsubscribe request

Secure Deletion

When data reaches the end of its retention period, we use secure deletion methods that make recovery impossible. This includes overwriting storage media and destroying backup copies according to industry standards for data destruction.

International Data Transfers

While our primary operations are based in Thailand, some data processing may occur in other countries where our cloud infrastructure partners operate. We ensure adequate protection for any international data transfers.

Transfer Safeguards

Standard contractual clauses with international service providers
Adequacy decisions recognizing equivalent privacy protection levels
Binding corporate rules for multinational technology partners
Regular assessments of data protection standards in recipient countries

Children's Privacy

Our expense categorization service is designed for business use and is not intended for individuals under 18 years old. We do not knowingly collect personal information from children. If we discover that we have inadvertently collected data from someone under 18, we will delete that information promptly.

Policy Updates

We review and update this privacy policy regularly to reflect changes in our services, legal requirements, or industry best practices. Material changes will be communicated through email notifications and prominent notices on our platform.

Notification Process

For significant changes affecting how we collect, use, or share your data, we provide 30 days advance notice. For minor updates like contact information changes or clarifications that don't affect your rights, we'll update the policy and note the revision date at the top of this page.

Contact Information

Privacy Officer
Digital Flow Max Connect
Bang Len, Bang Yai District
Nonthaburi 11140, Thailand

Email: info@digitalflowmaxconnect.com
Phone: +66 22 183 106

For privacy-related inquiries, please include "Privacy Policy" in your email subject line. We respond to all privacy requests within 7 business days.