Privacy Policy

Introduction

Your privacy is important to us. This Privacy Policy explains what personal data we collect, how we use and share it, and your rights regarding that data when you use Vialatm.com and related services (collectively, the “Service”). Electronic Advertising Co. Ltd (“we” or “us”), as the operator of the Service, is the “data controller” for the personal information collected via Vialatm (except where we process data on behalf of a third-party, in which case we act as a data processor). We are committed to handling your personal information in a lawful, transparent, and secure manner, in compliance with applicable international data protection laws, including the EU General Data Protection Regulation (GDPR).

By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Service. We may update this Privacy Policy from time to time (see “Changes to this Policy” below), and will notify you of any significant changes.

Data We Collect

We collect several categories of personal data in order to operate and improve the Service:

  • Account Information: When you register, we collect information such as your name, email address, and contact details. This may also include your account credentials (which are stored in an encrypted/hashed form), preferred language, and any profile information you choose to provide. If you contact customer support or communicate with us, we may collect the content of those communications.

  • Device and Geolocation Data: The core functionality of Vialatm is GPS tracking. With your use of our mobile app or tracking devices, we collect precise geolocation data of your tracked device(s) (latitude/longitude coordinates and timestamps), as well as movement information like speed or heading when available. Geolocation data is personal data under GDPR when it can identify an individual’s device or movements. We treat this data with a high level of sensitivity. We also collect device identifiers and metadata, such as the device’s name (as given in the app), device type or model, and any sensor data related to IoT features (for example, if a device reports temperature or other telemetry, that data is collected as part of the Service).

  • Usage Data: We automatically collect information about how you use the Service. This includes log data like your IP address, browser type, mobile device type, operating system, referring URLs, pages viewed, and the dates/times of access. We also record interactions with features – for example, when you create a geofence, when a trip history report is generated, or when you integrate with a messaging bot. This behavioral data helps us troubleshoot issues and understand usage patterns.

  • Notifications and Integrations: If you enable notifications or integrate messaging services (Viber, Telegram, WhatsApp), we may collect identifiers needed to send you messages (such as your messenger user ID or phone number on those platforms). We will also process the content of notifications or commands sent through those integrations (e.g., a notification that “Device A has left Zone 1 at 5:00 PM” which contains location info). Keep in mind that messages sent via third-party platforms may be stored on those platforms as well, subject to their own privacy policies.

  • Payment and Transaction Data: If you upgrade to a paid plan, our reseller Paddle will collect payment information (such as credit card details, PayPal or other payment data) directly; we do not store your full payment card information on our systems. We do receive from Paddle certain transactional details necessary for our records: for example, your name, email, billing address (if provided for invoice), the amount paid, currency, and subscription or order details. We keep a record of your purchases and subscriptions (e.g., which plan you subscribed to, how many devices paid for, and the dates of payments) for accounting and support purposes.

  • Cookies and Similar Technologies: We use cookies, web beacons, and similar tracking technologies on our website and web app. Cookies are small text files placed on your device to help the site function and gather information. For instance, we use essential cookies to keep you logged in and remember your preferences (such as language or unit settings). We may use analytics cookies to understand how users navigate our site (e.g., page views, button clicks) so we can improve usability. We do not use cookies for advertising purposes (the Service currently does not display third-party ads). For more details, see “Cookies and Tracking” below.

We do not knowingly collect data from children under 18, since our Service is not offered to them. We also do not collect any special categories of personal data (such as information on health, religion, biometric identifiers, etc.) unless you explicitly input such data into the Service (which is not expected for typical usage of a GPS platform).

How We Use Your Data

We use the collected data for the following purposes, and we ensure that we have a valid legal basis for each use (such as fulfilling our contract with you, our legitimate interests, your consent, or legal obligations):

  • To Provide and Maintain the Service: We process your GPS location data, device data, and account info to display real-time tracking, generate trip histories, send notifications, and otherwise deliver the core functionalities you expect. For example, we use your device’s location coordinates to plot on the map and to trigger geofence alerts, and we use your account info to log you in and show your dashboard. This processing is generally based on performance of a contract – i.e., these uses of data are necessary to provide the Service you requested.

  • Freemium/Paid Plan Management: We use your data to manage free vs paid usage. For instance, we may track how many devices are linked to your account to determine if you are within the free tier or require a paid plan. If you are on a paid plan, we use usage information to calculate your charges (postpaid) and provide Paddle with the necessary info to bill you. This is part of our service contract and legitimate interest in being compensated for our services.

  • Communication: We use contact information (email, and if applicable, messenger IDs) to send you service-related communications. These include notifications or alerts you have enabled (e.g., movement alerts via Telegram), verification emails when you sign up or reset a password, support responses if you contact us, and administrative messages about your account or transactions. We may also send you informational newsletters or updates about new features if you have opted-in to such communications; you can opt out at any time. Our basis for sending marketing or optional communications is consent (where required by law), and for essential communications our basis is fulfilling our services to you.

  • Improvement and Analytics: We analyze usage data (including logs and cookies data) to understand how our Service is used. This helps us troubleshoot problems (e.g., investigating a crash or an error log), secure the Service (detecting suspicious login attempts or abuse patterns), and make informed decisions on improving features and user experience. For example, we might analyze that a certain feature is rarely used and decide to simplify it, or use performance logs to improve the app’s speed. We typically rely on our legitimate interest in maintaining and improving our Service for this kind of data processing. Where feasible, we use aggregated or anonymized data for analytics to avoid identifying individuals.

  • Personalization: To a limited extent, we may use data to personalize your experience. For instance, we might remember your preferences such as map type or default zoom level for convenience, or localize content based on your language settings or approximate location (from IP or chosen country) to show appropriate regional settings. This is part of providing a better user experience (legitimate interest/contractual necessity).

  • Security and Fraud Prevention: We process certain data to protect the Service and our users. This includes using IP addresses, device information, and account activity to detect and prevent fraudulent or unauthorized use. For example, we may detect that an account has an unusual login pattern and prompt for additional verification, or use automated tools to block spam or abuse (such as excessive API calls or attempts to hack the system). We also may use CCTV or access logs if you visit our offices, though this is outside the online Service scope. This processing is based on legitimate interests in securing our Service and compliance with legal obligations to protect data.

  • Legal Compliance: We may use or disclose your information as required by applicable laws and regulations. For instance, to comply with a legal process (court order, subpoena) or to respond to lawful requests by public authorities (e.g., for meeting national security or law enforcement requirements). We also keep certain records to comply with financial and tax laws (e.g., keeping transaction records as required by accounting rules or tax authorities) – such records will contain personal data like transaction history and are kept as long as legally mandated. Additionally, under GDPR and similar laws, if we rely on consent for processing your data, we keep track of when and how you gave consent, and you have the right to withdraw consent at any time (with effect for future processing) 12 .

  • Other Purposes (with Notice/Consent): If we ever need to process your personal data for a new purpose that is not compatible with the purposes listed above, we will provide you with notice and, if required, request your consent before doing so.

We do not sell your personal data to third-party advertisers. We may sometimes compile aggregated, nonidentifiable data (for example, “total number of devices tracked this month” or general usage statistics) for business insights, which does not contain personal information.

Legal Bases for Processing (GDPR Compliance)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases, as defined in Article 6 of the GDPR:

  • Performance of a Contract: Most of our data processing is to provide you with the Service you requested. For example, processing your location data and account details is necessary to perform our contract with you (the Terms of Service).

  • Legitimate Interests: We process certain data for our legitimate interests, which include improving our Service, securing our platform, and communicating with you about product updates. When we rely on this basis, we ensure that our interests are not overridden by your privacy rights. For example, using usage logs to prevent fraud is in our legitimate interest and benefits all users by keeping the platform safe.

  • Consent: For optional features or integrations, we rely on your consent. For instance, we will only collect precise location data from your mobile device if you have given permission through your device settings. Similarly, we will only send marketing emails or integrate with messaging apps at your request or with your consent. Where we rely on consent, you have the right to withdraw consent at any time, and we will stop the processing in question going forward (this will not affect the legality of processing done before withdrawal). An example is that you can disconnect a messaging integration or unsubscribe from a newsletter at any time, and we will honor that.

  • Legal Obligation: When laws require us to retain or disclose certain data (e.g., financial records for tax, or data upon government request), we process and keep data as necessary to comply with those obligations.

We strive to apply GDPR principles of data minimization (collecting only what we need) and purpose limitation (not using data for unrelated purposes without additional notice/consent). We also support the principle of accountability by keeping records of our processing activities and, if processing high-risk data like precise location at large scale, performing Data Protection Impact Assessments (DPIA) as required 13 .

Cookies and Tracking Technologies

When you use the Vialatm website or web application, we and authorized third parties (like analytics providers) use cookies and similar tracking technologies to collect some information automatically. Here is how we use these technologies:

  • Essential Cookies: These are necessary for the Service to function properly. For example, when you log in to the web app, we set a session cookie to keep you authenticated as you navigate between pages. Without this, you would have to log in repeatedly for each action. These cookies do not require consent where they are strictly necessary for service operation.

  • Preferences: We may use cookies to remember your preferences, such as your chosen language, units of measurement (miles vs kilometers), or interface customizations. This enhances your experience (so you don’t have to set preferences each time). You can control these via your browser settings if you prefer not to allow them, but some preferences might not be saved.

  • Analytics: We may use third-party analytics tools (for example, Google Analytics or a similar service) that set their own cookies to collect information about how users interact with our site – such as the pages visited, time spent, and any errors encountered. This information helps us identify areas to improve. The data collected is typically aggregated and does not directly identify you. However, such third parties may receive your IP address or assign you a unique identifier via the cookie. We will request your consent for analytics cookies where required by law (e.g., via a cookie consent banner when you first visit our site from the EU). You can opt out of analytics cookies by not consenting in the banner or by installing opt-out browser add-ons as provided by some analytics providers.

  • Third-Party Integrations: If we embed content or interact with third-party services (like maps from Google Maps or chat widgets), those providers might set cookies or pixels. For example, our map view might use a map service that employs cookies to manage map tiles or track usage. We will endeavor to disclose such practices in this Policy or in context. You can usually block third-party cookies via your browser settings without affecting core functionality, though integrated features might then not work.

  • Do Not Track: Our Service currently does not respond to “Do Not Track” signals from browsers. However, you have the ability to manage cookies through your browser settings. You can also delete cookies at any time or configure your browser to reject cookies. Note that if you disable cookies entirely, some parts of the Service (especially the web app) may not function correctly (for example, you might not be able to log in or maintain a session).

For more detailed information, you may refer to our separate Cookies Policy (if provided on our website) which elaborates on specific cookies in use and their lifespans.

Data Sharing and Disclosure to Third Parties

We value your privacy and share personal data with third parties only in limited circumstances, described below. We do not sell personal data. When we do share data, we ensure appropriate safeguards are in place (such as contracts or data processing agreements) to protect your information.

  1. Paddle (Payment Processor/Reseller): As noted in our Terms, all payments are handled by Paddle, our authorized reseller. When you make a purchase or subscribe to a paid plan, Paddle will collect and process your payment information on their secure checkout platform. We share with Paddle the minimum necessary data to complete the transaction, such as your account identifier, the items or plan you are purchasing (e.g., number of devices or subscription tier), and your email (which Paddle uses for receipt delivery and record-keeping). Paddle may also collect your IP address and device information for fraud prevention. Paddle acts as an independent data controller for the payment data they process (e.g., your credit card details) under their own privacy policy . They are based in the UK/USA and are GDPRcompliant. Paddle provides all customer service for billing inquiries and handles refunds or chargebacks as needed 7 . If you have issues with a payment, you may contact Paddle directly, but you can also reach out to us and we will coordinate with Paddle to assist you. (See Paddle’s privacy notice on their site for more details on how they handle personal data.)

  2. Messaging Platforms (Viber, Telegram, WhatsApp): If you choose to link these services, we will share data at your direction to facilitate the integration. For example, if you link a Telegram bot to your account, we send data to Telegram’s servers whenever an alert is triggered (so that Telegram can deliver the message to you). This data might include your account’s identifier on that platform and the content of the message (which could contain location or device info). Similarly, if you send a command via a messenger to control your device (if such feature exists), that command goes through the messenger’s servers to us. We do not share your Vialatm account password or sensitive account info with these platforms, but they will necessarily process some of your data to transmit messages. Each of these companies (Viber, Telegram, Facebook/WhatsApp) will handle the information under their own privacy policies. We recommend you review those policies when enabling an integration. You can disconnect integrations at any time through our Service settings, after which we will stop sharing data with that platform (aside from what may be cached or stored on their end from prior communications).

  3. Cloud Service Providers: We use reputable third-party companies to host and operate Vialatm. This includes cloud hosting providers (for our servers and databases), data storage services, content delivery networks (CDNs), and email service providers (to send verification or notification emails). Examples might include Amazon Web Services (AWS), Google Cloud, or similar, for server infrastructure. These providers may process your data on our behalf, but only for the purpose of providing their services to us (for example, storing data or sending emails) and not for their own use. We have data processing agreements in place with such providers to ensure they safeguard your data and use it only as instructed by us.

  4. Analytics and Crash Reporting: To improve our Service, we might use third-party analytics (as discussed in Cookies) or crash reporting services that capture some data when the app or site experiences issues. These third parties (e.g., Google Analytics, or Sentry for error logging) will receive certain information like device type, OS, and error logs. We anonymize or pseudonymize analytics data where feasible. These third parties are prohibited from using personal data for purposes other than providing services to Vialatm. IP addresses may be processed by analytics tools to determine general location (country or city level) but we usually configure analytics to mask or truncate IP addresses when possible to protect privacy.

  5. Business Transfers: If the Company is involved in a merger, acquisition, investment, reorganization, or sale of all or some of its assets, personal data may be transferred to the new owner or partner as part of that deal. For example, if another company acquires Vialatm, your information would likely be one of the assets transferred. In such cases, we will ensure that the new owner is bound by terms that are at least as protective of your privacy as this Policy, and we will provide notice (e.g., via email and/or prominent notice on our site) of any such change in ownership or control of personal information, as well as any choices you may have. You would then become subject to the privacy policy of the new entity, but we will aim to ensure a seamless and secure transition.

  6. Legal and Safety Disclosures: We may disclose personal information if we have a good-faith belief that such action is necessary to: (a) comply with a legal obligation or resolve any legal claims (such as responding to subpoenas, warrants, or court orders); (b) protect and defend our rights or property, or the rights and safety of our users or the public. For instance, if law enforcement provides a lawful request for data (and the request is valid under applicable law), we may provide the requested information after verifying the request. We will attempt to notify you of such requests when permissible (and if we have contact information), except when prohibited by law or when the request is an emergency. Additionally, if we need to enforce our Terms of Service or investigate potential violations (fraud, security threats, etc.), we might access and use relevant personal data and share it with advisors or authorities as appropriate.

  7. With Your Consent: Aside from the scenarios above, if we want to share your information in a way not covered by this Policy, we will ask for your consent. You have the right to say no, and if you give consent and change your mind, you can contact us to withdraw that consent.

International Data Transfers

The Service is operated from Thailand, and our servers or service providers may be located in multiple countries. If you are located outside of Thailand (for example, in the European Union), your personal data will likely be transferred to and processed in Thailand or other jurisdictions. Some of these countries may not have the same level of data protection laws as your home country. However, we take steps to ensure that your personal information is given adequate protection wherever it is processed.

For users in the EEA/UK: whenever we transfer personal data out of the EEA to countries not deemed by the European Commission to have adequate data protection (such as Thailand or the United States), we rely on appropriate transfer mechanisms as required by GDPR. These might include:

  • Standard Contractual Clauses (SCCs): We may incorporate the EU-approved SCCs in our contracts with service providers to contractually ensure your personal data has equivalent protection to the EU standard.

  • Consent: In some cases, we may ask for your explicit consent for a transfer, especially if it’s to a third party that is not under an SCC or other safeguard.

  • Other Safeguards: If applicable, we might rely on frameworks like the EU-US Data Privacy Framework (if our providers are certified under it), or binding corporate rules for intra-company transfers.

By using Vialatm, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this Policy. We will ensure any such transfers comply with applicable laws and that your data remains protected.

Please note, data stored in another country (like the USA) might be subject to lawful access requests by courts or law enforcement in that country. We will only comply with such requests if they are legally valid and necessary.

Data Retention and Deletion

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, or as required by law. The retention period can vary depending on the type of data and the context of processing:

  • Account Data: We keep your account information (name, email, etc.) and profile data for as long as your account is active. If you delete your account or if it becomes inactive for an extended period, we will initiate deletion of your personal data. “Inactive” generally means a prolonged period (e.g., 1-2 years) with no logins or device activity, but we will attempt to reach out to you via your registered email before deleting an inactive account. Upon account deletion (whether initiated by you or by us for inactivity), we will erase or anonymize personal data associated with your account within a reasonable timeframe. Some residual information (like logs in backups) might remain in our archives for a short period until those are rotated out.

  • Location and Tracking Data: Your device location history and related telemetry are stored to provide you with historical reports and analytics. By default, we retain this data to show you historical usage (trip history, etc.). You may have the ability within the app to delete certain history or logs for your devices. If you remove a device from your account, its associated tracking history will be deleted or anonymized after a short grace period. If you delete your account entirely, all associated location data will be deleted as part of account deletion process (again subject to backup retention for a limited time). In some cases, we might offer settings to limit how long history is kept (for example, auto-delete data older than X days) – if such settings are available, you can configure them.

  • Transactional Records: We will retain records of transactions, payments, and invoices for at least the duration required by tax and accounting laws. In many jurisdictions, that’s 7 years. These records will include personal data such as your name, contact, and transaction details. However, this data is kept solely for compliance and financial record purposes.

  • Communications: If you contact support or send us feedback, we may keep those communications as long as necessary to address your issue and improve our services. Support tickets and email correspondence may be retained for a period (e.g., 2 years) in case you have further issues and for training purposes.

  • Logs and Analytics: Our server logs and analytics data are typically rotated or deleted within a shorter period, usually 6-12 months, unless we need to retain them longer for security analysis. We may keep security-related logs (for example, records of sign-in attempts or significant changes) for a longer period (up to several years) to investigate and prevent fraud or unauthorized access. When data is used for analytics, we may aggregate or anonymize it and store it indefinitely for statistical purposes without identifying users.

  • Backup Storage: Our systems perform routine backups to ensure resilience. Backup data is encrypted and stored securely. Any personal data in backups will be deleted when backups are overwritten in the normal cycle. Our backup retention is typically a few weeks to a few months. We do not use backups to restore deleted user data except as needed for disaster recovery for the system as a whole. If you’ve requested deletion, we will ensure it is applied to the live systems and any accessible archives, and after the retention period the data will not be present in backups either.

When we no longer have a legitimate need or legal obligation to retain your personal data, we will securely delete or anonymize it. If deletion is not immediately possible (for example, because the data is stored in archives), we will isolate it from further processing until deletion is possible.

Data Security

We take appropriate security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: All communications between your device/browser and our servers are encrypted via HTTPS/TLS. Sensitive data at rest (like passwords, which are stored as salted hashes) and other critical information are encrypted in our databases. Geolocation data and personal details are stored in secure cloud databases with encryption at rest provided by our cloud provider.

  • Access Controls: Internally, we restrict access to personal data to employees or contractors who need it to operate, develop, or support the Service. Access is controlled through authentication, and our staff are bound by confidentiality obligations. Administrative access to our systems is logged and monitored. We also ensure that third-party processors handling data implement robust security (as per our contracts with them).

  • Infrastructure Security: We maintain firewalls and network monitoring to protect our servers. Regular security patches are applied to software components. We utilize anti-virus and anti-malware tools as needed. Our platform is built with separation between users’ data; each account’s data is siloed to prevent one user from accessing another’s information.

  • Testing and Auditing: We periodically review our information collection, storage, and processing practices to guard against unauthorized access. This includes performing security testing on our applications and backend. We may also engage third-party security auditors or run a bug bounty program to identify vulnerabilities. Logs and audit trails are maintained for critical actions in the system.

  • Data Breach Procedures: Despite all efforts, no method of transmission over the internet or electronic storage is 100% secure 17 . We cannot guarantee absolute security. However, in the unlikely event of a data breach that affects your personal data, we have an incident response plan to address it. We will notify affected users and relevant authorities as required by law (for example, under the GDPR, we would notify the supervisory authority and users of certain breaches within the required timeframe).

Remember that you also play a role in keeping your data secure. Choose a strong password, do not share it, and notify us immediately if you suspect any unauthorized access to your account. Also, be aware that emails and messaging integrations may not be encrypted end-to-end on their entire path; avoid sharing highly sensitive information through those channels.

Your Rights and Choices

Depending on your jurisdiction (and particularly if you are in the EU/EEA, UK, or other regions with similar laws), you have certain rights regarding your personal data. We are committed to honoring these rights. These rights include:

  • Right to Access: You have the right to request a copy of the personal data we hold about you, as well as information about how we process it. This allows you to confirm if we are processing your data and to check its accuracy. We will provide this in a commonly used electronic form.

  • Right to Rectification: If any personal data we have about you is incorrect or incomplete, you have the right to request correction or completion. For example, you can edit your account profile information and you can ask us to correct any erroneous records.

  • Right to Erasure (Right to be Forgotten): You may request the deletion of your personal data when it’s no longer necessary for us to retain it, or if you withdraw consent (where applicable) or object to processing and we have no overriding legitimate grounds 20 . When you delete your account through our interface, this essentially invokes this right – we will delete your personal data as described in the retention section. Note some data cannot be deleted if we are required to keep it by law (e.g., transaction records), but we will inform you if so.

  • Right to Restrict Processing: You have the right to ask us to suspend processing of your personal data in certain circumstances – for instance, if you contest the accuracy of the data, you can request a restriction while we verify it, or if processing is unlawful and you prefer restriction over deletion. During restriction, we will store your data securely and not use it (except to the extent allowed by you or required for legal reasons).

  • Right to Data Portability: You have the right to obtain the personal data you provided to us in a structured, commonly used, machine-readable format, and you have the right to transmit that data to another service where technically feasible 20 . For example, you may request an export of your tracked location history or device data that you have input, so you can use it in another system. We will facilitate such export as required.

  • Right to Object: You have the right to object to certain processing of your personal data, particularly where we rely on legitimate interests. If you object, we will evaluate whether our legitimate grounds for processing override your privacy rights. You also have an unconditional right to object to direct marketing – if we ever send marketing emails, you can opt-out easily via an “unsubscribe” link or by contacting us, and we will honor that choice. Additionally, you can object to any automated decisionmaking (though we do not typically do automated decision-making that has legal or similarly significant effects on individuals).

  • Right to Withdraw Consent: If we process any data based on your consent, you have the right to withdraw that consent at any time. For example, if you consented to share data with a WhatsApp integration and later change your mind, you can revoke that consent by disconnecting the integration or contacting us. Withdrawal of consent will not affect the lawfulness of processing already carried out, and may result in certain features no longer being available (but we will continue providing the core Service as long as it doesn’t rely on that consent).

To exercise any of these rights, please contact us (see Contact section below). For security, we may need to verify your identity (for example, by confirming you have access to the email associated with your account or asking for information that matches our records). We will respond to requests within one month, or sooner if required by local law. If your request is complex or numerous, we may extend this by up to two further months, but we will inform you and explain why.

There are some limitations and exceptions to these rights. For example, if fulfilling your request would reveal personal data about another person, or if you request deletion of data we are legally required to keep, we may not be able to comply fully. We will explain any such refusal or partial compliance in our response.

California Residents: (If applicable) California law (CCPA/CPRA) provides California consumers with specific rights regarding their personal information, such as the right to know, delete, and opt-out of selling/ sharing. As our policy is to not sell personal information, the opt-out of sale is not relevant. California users can exercise their rights similar to GDPR rights by contacting us, and have the right not to receive discriminatory treatment for exercising their privacy rights.

If you have an unresolved concern about our privacy practices, you also have the right to lodge a complaint with a data protection supervisory authority. For EU users, this would be your country’s Data Protection Authority (DPA). For example, if you are in the EU, you may contact the lead supervisory authority in the country of our EU representative or your local DPA. We encourage you to contact us first, so we can address your concerns directly.

Children’s Privacy

As mentioned, our Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If you are under 18, do not use the Service or provide any information about yourself. If we learn that we have collected personal information from someone under 18, we will take steps to delete that information promptly. Parents or legal guardians: if you discover that a minor in your care has provided personal data to us, please contact us and we will remove the data and terminate the minor’s account. In certain cases (such as a family using the Service to track a child’s device for safety), the parent must be the account holder and controller of that data. Even in those cases, the account must be created and managed by an adult. We expect users to comply with our age restriction as a condition of using Vialatm.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. When we make changes, we will revise the “Last Updated” date at the top of this policy. If the changes are significant, we will provide a more prominent notice (such as a notification on our website or an email to registered users) to inform you of the update. Please review this Policy periodically to stay informed about how we are protecting your information. Your continued use of the Service after any update constitutes your acceptance of the revised Privacy Policy, to the extent permitted by law 23 .

If we make a change that requires your consent (for example, if in the future we seek to use your data for a new purpose that requires consent), we will obtain your consent as needed.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you can contact us at:

Electronic Advertising Co. Ltd (Vialatm)

Email: privacy@vialatm.com (for privacy inquiries)

Address: [Physical address, e.g., Street, City, Postal Code, Thailand] – (Note: actual address to be inserted) Telephone: [if available].

For the purposes of GDPR, Electronic Advertising Co. Ltd is the data controller. If you are in the EU/EEA, you may also contact our EU representative at [contact info of EU rep if appointed] (as required under Article 27 GDPR, if applicable).

We are committed to resolving any issues you have. If you feel we have not addressed your concerns satisfactorily, as noted above, you have the right to contact your local Data Protection Authority.

Thank you for trusting Vialatm with your GPS and IoT tracking needs. We value your privacy and work hard to protect it.