Kunam AI Smile Design Logo
Kunam AI
Back to Home

Privacy Policy

How we collect, use, and protect your personal information

Last Updated: December 21, 2024

1. Introduction and Scope

Kunam AI Smile Design ("we," "us," or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and safeguard your information when you use our AI-powered smile design service.

This policy applies to all users of our service and covers data processing activities conducted through our web application, mobile interfaces, and related services.

PDPA Compliance: We comply with the Thailand Personal Data Protection Act (PDPA) and other applicable data protection laws to ensure your personal data is handled with the highest standards of privacy and security.

2. Information We Collect

2.1 Personal Information

We collect the following types of personal information:

  • Account Information: Name, email address, Line ID (through Line LIFF integration)
  • Profile Data: Display name, profile picture (from Line account)
  • Contact Information: Email addresses for report delivery
  • Professional Information: Doctor name, patient name (when applicable)

2.2 Biometric and Image Data

Our core service requires processing of facial images:

  • Original Photos: Facial photographs uploaded for smile design analysis
  • Generated Images: AI-processed smile design results
  • Overlay Images: Comparison and analysis visualizations
  • Digital Signatures: Doctor and patient consent signatures

2.3 Technical and Usage Data

  • Device Information: Browser type, operating system, device identifiers
  • Usage Analytics: Feature usage, session duration, interaction patterns
  • Log Data: IP addresses, access times, error logs
  • Cookies and Tracking: Session management, preferences, analytics

2.4 Payment Information

Payment data is processed through our secure payment processor (Omise). We do not store complete payment card information on our servers. We may retain transaction IDs, payment status, and billing information for record-keeping purposes.

3. How We Use Your Information

3.1 Primary Service Delivery

  • Processing facial images through our AI algorithms to generate smile designs
  • Creating personalized smile design reports and visualizations
  • Delivering results via email to specified recipients
  • Managing user accounts and authentication through Line LIFF
  • Processing payments and managing token-based service access

3.2 Service Improvement and Analytics

  • Analyzing usage patterns to improve AI model performance
  • Conducting quality assurance and service optimization
  • Developing new features and enhancing user experience
  • Performing statistical analysis and research (anonymized data only)

3.3 Communication and Support

  • Sending service-related notifications and updates
  • Providing customer support and technical assistance
  • Delivering requested reports and design results
  • Communicating important policy or service changes

4. Legal Basis for Processing (PDPA Compliance)

Under the Thailand PDPA, we process your personal data based on the following legal grounds:

  • Consent: Explicit consent for biometric data processing and AI analysis
  • Contract Performance: Processing necessary to provide our smile design services
  • Legitimate Interest: Service improvement, security, and fraud prevention
  • Legal Obligation: Compliance with applicable laws and regulations

5. Data Sharing and Third-Party Services

5.1 Third-Party Service Providers

We work with trusted third-party services to deliver our platform:

  • Supabase: Database and storage services for secure data management
  • Vercel: Cloud hosting and deployment platform
  • Line LIFF: Authentication and user identity verification
  • Omise: Payment processing and transaction management
  • Resend: Email delivery service for reports and notifications

These providers are contractually bound to protect your data and use it only for the specific services they provide to us.

5.2 Data Processing Locations

Your data may be processed in various locations including Thailand, Singapore, and other regions where our service providers operate. We ensure appropriate safeguards are in place for international data transfers.

5.3 No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes. Data sharing is limited to service delivery and legal compliance requirements only.

6. Data Security and Protection

6.1 Security Measures

We implement comprehensive security measures to protect your data:

  • Encryption: Data encrypted in transit (HTTPS/TLS) and at rest
  • Access Controls: Role-based access with multi-factor authentication
  • Secure Storage: Images stored in private, access-controlled cloud buckets
  • Regular Audits: Security assessments and vulnerability testing
  • Data Minimization: Collection limited to necessary information only

6.2 Incident Response

In the event of a data breach, we will notify affected users and relevant authorities within the timeframes required by applicable law, including PDPA requirements.

7. Data Retention and Deletion

7.1 Retention Periods

  • Account Data: Retained while account is active + 2 years after deletion
  • Original Photos: 30 days after processing (unless user requests longer retention)
  • Generated Results: 1 year or until user deletion request
  • Transaction Records: 7 years for tax and legal compliance
  • Usage Logs: 90 days for security and analytics purposes

7.2 Data Deletion

You can request deletion of your personal data at any time. We will process deletion requests within 30 days, except where retention is required by law or for legitimate business purposes.

8. Your Rights Under PDPA

As a data subject under Thailand's PDPA, you have the following rights:

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for data processing

To exercise these rights, please contact us using the information provided in Section 11.

9. Cookies and Tracking Technologies

9.1 Types of Cookies

We use the following types of cookies:

  • Essential Cookies: Required for basic site functionality and security
  • Authentication Cookies: Manage user sessions and login status
  • Preference Cookies: Remember user settings and preferences
  • Analytics Cookies: Understand usage patterns and improve services

9.2 Cookie Management

You can control cookie settings through your browser preferences. Note that disabling certain cookies may affect site functionality.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify users of significant changes via email or through prominent notices in our application.

Your continued use of our services after policy updates constitutes acceptance of the revised terms.

11. Contact Information and Data Protection Officer

For privacy-related inquiries, data subject requests, or concerns about our data practices, please contact us:

Privacy Contact Information

Email: namandkuang@gmail.com

Address: Kunam AI Smile Design, Thailand

Response Time: We aim to respond within 30 days

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the Personal Data Protection Committee (PDPC) in Thailand.

This Privacy Policy is effective as of the date stated above and governs our collection and use of your personal information.

Terms of Use|Back to Home