iSTRONG - iSTRONG

Welcome to iSTRONG Application, a mental health application dedicated to providing quality counseling and support services operated by Actualiz Co.,Ltd.. This Privacy Policy is designed to inform you about how we collect, use, store, and protect your personal information. Your privacy and the security of your data are of utmost importance to us, and we are committed to maintaining the highest standards of confidentiality and compliance with applicable data protection laws.

At iSTRONG Application, we understand the sensitive nature of mental health information. Therefore, we take extra care to handle your personal and health-related data with the utmost respect and confidentiality. This Privacy Policy outlines our practices regarding the collection, use, and disclosure of the information we receive from you through our application.

By accessing or using our services, you agree to the terms and conditions outlined in this Privacy Policy. We encourage you to read this policy in its entirety to understand our practices regarding your personal information and how we will treat it.

If you have any questions or concerns about our Privacy Policy or our data handling practices, please feel free to contact us at following address and information.

Actualiz Co.,Ltd. (Head Office)

189/81 Thep Rak Road, Tha Raeng, Bang Khaen, Bangkok 10220
Tel. +662 0268949
Email: [email protected]

1. Data Collection and Storage

1.1 Types of Data Collected

We collect personal identification information, which includes names, surnames (with an option for anonymity), dates of birth, employee IDs, and other identifying details necessary for account creation and personalization.
To facilitate effective communication and service delivery, we gather contact details such as email addresses, phone numbers, and mailing addresses.
Information related to the user’s preferences and settings within the app is collected, aiding in customizing and enhancing the overall user experience.
We collect comprehensive health-related data, which encompasses past and present health conditions, symptoms, treatment history, and other vital medical information. This includes notes, assessments, and outcomes from counseling sessions and interactions, as well as personal health metrics input by users about their mental and physical health status, lifestyle choices, and other relevant health details.
To ensure service compatibility and effective troubleshooting, we collect technical and device data. This includes the type of device used, operating system, app version, device identifiers, and other pertinent technical information. Additionally, we monitor how users interact with the app, such as the features they use, session durations, app navigation paths, and overall frequency of use.
We keep records of communication between users and our support team, any feedback provided, and interaction data from within the app. This also includes content created or shared by users within the app, such as posts in community forums, user comments, or shared stories.
Our app utilizes cookies and similar technologies to understand user preferences, analyze app usage patterns, and provide a tailored app experience.
Given the sensitive nature of our mental health services, we handle categories of sensitive data with enhanced security and privacy measures. Such sensitive data is collected strictly with explicit user consent and is safeguarded with utmost care.

1.2 Methodology of Data Collection

During account creation and profile setup, users provide personal details such as name, age, department, and contact information. This is fundamental for personalizing the user experience and service delivery.
We collect information entered by users while interacting with various features of the app, including during counseling sessions, feedback forms, or health assessments.
Data is gathered through direct communications with users via email, in-app messaging, or customer support interactions, enabling us to address user needs and improve service quality.
We automatically collect data on user interactions with the app, including pages visited, session duration, and frequency of use. This analytics help us in understanding user behavior and preferences.
Technical data from the user’s device, such as operating system, device model, IP address, and other relevant hardware information, is collected to optimize app performance and ensure compatibility.
We use cookies and similar technologies to collect data regarding app usage patterns, preferences, and customization settings. Users have the option to manage their cookie preferences within the app.
Integration with Virtual Meeting Apps

Our app integrates with virtual meeting applications for video calling in counseling sessions, enhancing the user experience with secure and efficient video consultations.
Essential user data is shared with these platforms, strictly limited to what is necessary for conducting video or voice counseling sessions, such as user contact details and appointment schedules.
Explicit user consent is obtained before any data sharing with virtual meeting platforms. Users can opt in or out of this feature and manage their settings related to these integrations within the app.
All video sessions conducted through integrated platforms are encrypted and secured. We offer guidelines for maintaining privacy and security during these sessions and provide comprehensive information about the integration, including data usage and user benefits.

We ensure that explicit user consent is obtained for all data collection, especially for sensitive information. Users are informed about the specific data being collected and its intended use.
Users are encouraged to provide accurate information and keep it updated for effective service delivery. They can update their personal information at any time through the app's settings or by contacting our support team.
Special attention is given to the collection of health data, ensuring it is done with the utmost care and strictly with explicit user consent.

1.3 Storage and Handling of Data

All data, including personal and health information, is encrypted both in transit and at rest to ensure security and confidentiality. This robust encryption safeguards data from unauthorized access and potential breaches. Employees are strictly prohibited from storing any customer’s personal data and health information on personal computers or devices.
Our data is stored in secure data centers located in Thailand. These facilities employ both physical and electronic safeguards and are monitored continuously to ensure the protection of your data against unauthorized access and environmental hazards.
Access to personal data within our organization is strictly limited to authorized personnel. Employees and contractors with access privileges are bound by confidentiality agreements and receive training in data protection and privacy. Regular security audits and vulnerability assessments are conducted to uphold the safety and security of our data storage and handling practices.
Users can access, review, update, or correct their personal information via the app. This capability empowers users to ensure the accuracy and up-to-dateness of their data. Additionally, upon request, we facilitate the export of user data in a commonly used format, enabling users to transfer their information to other services if desired.
Regular data backups are performed to prevent loss due to technical failures, cyber-attacks, or other unforeseen events. These backups are securely encrypted and stored. We have a comprehensive disaster recovery plan to quickly restore services in case of major incidents, minimizing impact on users.
Our data retention policies are clearly defined and communicated. We retain personal data only as long as necessary for service provision or as required by law. Upon the end of the necessity, data is securely disposed of or anonymized to prevent reconstruction or reading.
Our practices comply with all applicable data protection laws, including PDPA, GDPR, HIPAA, and other regional regulations. We maintain transparency in our data handling and are accountable for the data under our care. Regular updates to our practices are made in line with new regulations and technological advancements.
We respect user rights as outlined in data protection laws. These include rights to access, correct, and delete personal data, and the right to object to or restrict certain processing types. Continuous monitoring of changes in data protection laws ensures our practices remain compliant.
Proactive steps are taken to ensure data accuracy and currency. Users are provided tools to easily update their personal information and are encouraged to regularly review and update their profiles, especially regarding health status or contact details, to enhance service effectiveness.
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected. This includes providing our services, complying with legal obligations, or for other legitimate business purposes. The duration of data retention is determined based on the nature of the data, the purpose of its collection, and any applicable legal or regulatory requirements.
In line with our contractual agreements with customers, we commit to retaining personal data for at least one year after the termination of a customer's contract. This practice ensures that we meet our obligations and provide continued service excellence even post-contract.
Upon the expiration of the retention period, or upon a user's request where applicable, personal data is securely deleted or anonymized. We adhere to industry-standard processes for secure data deletion, ensuring that the data cannot be reconstructed or read. This approach is an integral part of our commitment to respecting user privacy and protecting their personal information.
Our data retention policies are regularly reviewed and updated to ensure compliance with current laws and relevance to our business practices. We are dedicated to handling all personal data lawfully and ethically, respecting user rights as outlined in data protection laws. This includes rights to access, correct, and delete personal data, and to object to or restrict certain types of processing.

2. User Consent

When users register for an account or start using our application, we obtain explicit consent to collect, use, and forward their personal and health-related information as outlined in this Privacy Policy.
We ensure that users are fully informed about the types of data collected, the purposes for which it is collected, and how this information will be used and shared. All such information is provided in clear, easily understandable language.
Consent specifically covers the collection of personal identification data, health information, and other relevant details necessary for the effective provision of our services.
We also obtain user consent for sharing data with trusted third-party service providers, partners, and as required by law, ensuring transparency in all our data handling practices.
Special attention is given to sensitive data categories such as health and medical information. We obtain separate, explicit consent for the collection and processing of these types of data, recognizing their sensitive nature.
Users have the full right to withdraw their consent for the collection, use, and sharing of their data at any time. To exercise this right, users can simply send an email to [email protected] indicating their desire to withdraw consent. Upon receiving a request for consent withdrawal via email, we will promptly process the request in accordance with our data handling procedures. Users should be aware that withdrawing consent may affect the availability and quality of certain services provided by the app. It's important for users to understand that withdrawing consent may impact their ability to use some or all of the services offered by the app. We will provide clear information on any service limitations or changes that occur as a result of consent withdrawal. We are committed to ensuring that all users are fully informed about how their consent withdrawal will affect their use of our services. Our team is available to address any questions or concerns regarding the process and implications of withdrawing consent.
Should there be any changes to our data collection and usage practices, we will promptly communicate these changes to users. Additional consent will be obtained if necessary to ensure ongoing compliance.
Our consent forms and processes are regularly reviewed and updated to ensure they align with legal standards and best practices in data protection and user privacy.

3. Data Minimization

We strictly adhere to the principle of data minimization, collecting only the data essential for the effective functioning of our app and the provision of mental health services. This approach includes limiting the collection of sensitive personal information to what is strictly necessary.
Our data collection is focused and specifically aligned with the app’s functionality. Essential information such as name, age, and contact details are gathered at account registration, avoiding any unnecessary personal details unless they are directly relevant to our counseling services.
Users have the option to limit the amount of data they share. We offer opt-out choices for additional data collection features and use only essential cookies for basic functionalities, subject to user consent.
Health-related data collection is strictly relevant to the counseling services offered. We avoid collecting unrelated health information, ensuring data collection is pertinent to user needs.
Unnecessary personal data is not collected in app features or feedback forms. For instance, mood tracking gathers only mood ratings and relevant notes. Where personal identification isn’t necessary, data is anonymized.
Data is retained only as long as necessary for its intended purpose, including legal compliance and service provision. Regular reviews ensure data is not kept longer than necessary, with secure deletion practices implemented for data no longer required.
Additional care is taken in data collection from minors, ensuring minimal data collection and mandatory parental or guardian consent.
All collected data is used strictly in line with its collection purpose. We limit data sharing, ensuring any shared data aligns with data minimization principles.
Our app’s technical architecture and operational practices are built around data minimization principles, ensuring user privacy and security.

4. User Permission Settings

Users can access, review, update, or correct their personal information within the app at any time, maintaining control over their data.
Users have the option to request the deletion of their personal data, to which we respond promptly and in compliance with legal obligations.
We utilize explicit consent mechanisms, especially for sensitive data like mental health information, ensuring users are fully informed and agreeable to such data collection.
Users can easily opt-out of non-essential communications and manage cookie preferences through the app and website settings. This includes accepting, rejecting, or customizing cookies, providing control over their online data.
Clear information about the types and purposes of cookies used by the app is provided, enabling informed decisions by users.
We employ robust security measures to protect user privacy and permission settings from unauthorized access or changes.
The app’s privacy and permission settings are regularly reviewed and updated to reflect best practices and legal requirements. Users are promptly notified of any changes within the app and via email, ensuring they are always informed and can adjust settings as needed.
Our commitment to transparency involves keeping users informed about changes that could affect their data privacy. We encourage users to regularly review their settings and stay updated with our Privacy Policy.

5. Account Sign-In

Users sign in with a username and password, essential for verifying identity and securing account access. For enhanced security, users can opt for OTP verification sent to their registered mobile number.
Corporate users from specific organizations are provided with pre-assigned usernames and passwords to streamline service access. Other organization employees verify their work email to create personalized passwords, with some having the option to change passwords based on their organization's policy.
We implement robust security measures, including password encryption and secure storage, to protect all user credentials from unauthorized access.
Additional security measures for corporate users include advanced standards for generating pre- assigned credentials and enforcing strong password policies.
A secure account recovery process is available for users who forget their passwords. This process involves identity verification through registered mobile numbers or email, ensuring rightful account access.
The app features automatic logout after inactivity, with adjustable duration settings. Users can manage active sessions and remotely log out from other devices for enhanced security.
Users can deactivate or permanently delete their accounts. Upon deletion, we retain necessary data as required by law or for legitimate business purposes for at least one year after the contract ends, and securely erase other personal information.

6. Data Use and Sharing

The personal and health-related data we collect are primarily used to provide and enhance the counseling services offered by our app. This includes personalizing the user experience, managing user accounts, providing customer support, and analyzing user behavior and preferences to improve app functionality and develop new, user-centric features.
Our app offers various self-assessment tools, including daily mood checks, stress, EQ, Burnout, Resilience, and personality tests, to help users manage their mental health more effectively. The health data gathered from these assessments are used to deliver personalized counseling experiences. We also track user interactions with different app features, like articles read and topics of interest, to tailor content and improve the overall user experience.
We may share data with trusted third-party service providers, such as virtual meeting platforms, who perform specific services on our behalf. These providers are strictly bound by confidentiality agreements and have access only to the data necessary for their tasks. Any disclosure of personal information to public authorities, such as courts or government agencies, will occur only if required by law.
For users employed by an organization, we provide employers with aggregated test scores and results at the company or department level, and insights on counseling session topics, all in an anonymized and aggregated form to aid organizational development and wellbeing initiatives. Individual user data remains confidential.
Anonymized or aggregated data may be utilized for research, analytics, employer’s mental health program development, or statistical purposes. We ensure that this data cannot be linked back to any individual user. Users may voluntarily participate in health research, with their data being anonymized to protect privacy.
Users have the right to withdraw their consent for data sharing at any time via the app settings or by contacting our customer support. We communicate clearly to users about the usage and sharing of their health data, especially regarding employer reporting.
If data is transferred to countries outside of the user’s location, we ensure compliance with legal and regulatory requirements and provide appropriate data protection.
In all instances of data sharing, we implement robust security measures to protect data from unauthorized access, disclosure, alteration, or destruction.
Users have the option to opt-out of specific data collection and sharing features, affirming their control over personal information.

7. Children’s Privacy

Our app is accessible to users of all ages. However, we have implemented age restrictions for certain features. Specifically, the ability to make appointments and access counseling services is restricted to users who are 20 years old and above.
Individuals aged 20 and above can independently use all features of the app, including the ability to make appointments and access counseling services. During registration, these users are responsible for providing accurate age information.
Users under the age of 20 are permitted to access the app but require parental permission to make appointments and use counseling services. We implement measures to verify parental consent for these underage users. This may include requiring a parent or guardian to co-sign the registration or provide explicit consent, either through the app or via direct communication with our team.
Step of verification

When a user schedules a counseling appointment, we ask for their age. This step is crucial to identify users under 20 years old.
For users under 20, upon detecting their age during the appointment scheduling process, we initiate a verification procedure. Our team will contact these users to confirm if parental consent has been obtained for using our counseling services.
If we cannot verify parental consent for underage users, we will cancel the scheduled counseling appointment. This policy ensures adherence to legal requirements and the safety of underage users.
We encourage and expect active involvement from parents or guardians in the underage user’s interaction with our app. This includes granting consent and overseeing the use of counseling services.
Parents or guardians can reach out to us at any time regarding concerns or queries about their child’s use of the app through our dedicated communication channel.

We take extra precautions to protect the privacy and data of users under the age of 20. Data collection and processing for these users are conducted with heightened care and strictly in compliance with applicable laws. We limit data collection to what is necessary for providing the service and ensure that no excessive data is collected.
Parents or guardians are encouraged to actively participate in their child’s interaction with the app. This is especially important in terms of giving consent and monitoring the use of counseling services. We provide a dedicated communication channel for parents or guardians to express concerns, provide consent, or receive information about their child’s usage of the app.
If we become aware that a user under the age of 20 has made an appointment or accessed counseling services without the necessary parental consent, we will take immediate steps to rectify the situation in accordance with legal requirements.
Parents or guardians can contact us at any time with any concerns regarding their child’s use of the app. We are committed to ensuring a safe and secure environment for all underage users.

8. Location Services

Our app does not track or require access to users’ geographical location. We prioritize user privacy and have intentionally designed our services to operate without the need for location tracking or location-based data.
In line with our strong commitment to user privacy, we assure our users that their physical location will not be monitored, stored, or utilized by our app at any point during their interaction with our services.
This approach is part of our broader strategy to protect the privacy and security of our users’ data, ensuring that they can use our app with full confidence in the safeguarding of their personal information.

Contact

For any queries, concerns, or feedback regarding our services or our Privacy Policy, users are encouraged to contact our customer support team. The necessary contact details, including our email address [email protected], are readily available within the app and on our website at istrong.center for ease of access.
We greatly value and welcome feedback and queries from our users. All communications are treated with the utmost confidentiality and are instrumental in our efforts to continually improve our services. We are committed to responding promptly to user inquiries and feedback, aiming to ensure a satisfactory and supportive experience for all our users.
If users have specific concerns regarding data privacy or the handling of personal information, they are invited to contact our Data Protection Officer directly. The contact details for our Data Protection Officer are provided within the app and on our website for convenience and transparency.

Last update on October 30, 2023, Version 2.0

Terms and conditions

Actualize Co., Ltd. (hereinafter referred to as “iSTRONG”) is a company offering mental and family health consulting services. Services are provided by psychologists, psychotherapists, and clinical psychologists who are certified with degrees or diplomas. iSTRONG also shares knowledge and values through psychological articles. The details for using the iSTRONG application service are outlined below. By using the service, users acknowledge, accept, and agree to adhere to the following terms and conditions:

1. Definitions

1.1 “Application” or “iSTRONG Application” refers to the LINE Official Account iSTRONG, iSTRONG website, and iSTRONG Application, as well as any computer programs, command sets, or other applications that are used or may be used in conjunction with or related to the said application for using iSTRONG services, whether accessed via mobile phones, tablets, websites, or any other devices. This includes cases where LINE Official Account iSTRONG, iSTRONG website, and iSTRONG Application are renamed or include other applications.

1.2 “iSTRONG services” refer to the services and features available through the application in these terms and conditions, as well as other programs or applications of the service that are used or may be used in conjunction with or related to the said application. This may include services related to mental health care or otherwise, including other services directly related to iSTRONG, even if operated by other individuals or entities.

1.3 “Service Provider” refers to psychologists, psychotherapists, counselors, psychiatrists, coaches, consultants, writers, or experts providing services in the iSTRONG application.

1.4 “User” refers to individuals using the iSTRONG application, including cases where parents, guardians, spouses, children, protectors, caretakers, or other individuals act on behalf of or under the authority of the user.

1.5 “Transaction” refers to any command or action intended to produce a certain result related to the use of services through the iSTRONG application or receiving iSTRONG services, such as appointments, appointment notifications, reading articles, assessments, as well as providing information, accessing information, modifying information, and deleting any information through the iSTRONG application.

1.6 “Personal Data” refers to information about the user that can directly or indirectly identify the user, including general user information, identification information, identity verification information, biometrics (such as fingerprints, facial patterns, etc., including data arising from the use of physical or behavioral characteristics to confirm identity), organizational affiliation, health insurance data, and other personal data related to the user. This does not include statistical data or information that cannot identify the individual owner of the personal data, which is not considered personal data under the Personal Data Protection Act B.E. 2562.

1.7 “Identity Verification Information” refers to username and password, verification code, or other codes or information used for identity verification and access to services in the iSTRONG application. This is a measure to prevent unauthorized access by others, whether set by the service provider or the user, and includes information used to recover such codes or data (if any).

1.8 “Operating Device” refers to mobile phones, tablets, computers, or other electronic tools or devices used by the user to access and use the iSTRONG application services.

2. Use of the iSTRONG Application and Services

2.1 Users are required to register and log in fully to the application before accessing services. By agreeing to the terms and conditions of service, users consent to the collection, use, and disclosure of personal data in accordance with the purposes provided during registration. Users not consenting may be restricted from accessing certain services.

2.2 Access to the iSTRONG application or services is categorized into four main features: 1) Services for the general public, 2) Services for corporate employees, 3) Services for health insurance customers, and 4) Services for corporate representatives who purchase comprehensive services for employees. The services for the general public are open for general access and use of certain services, except for some services specifically designed for corporate employees or health insurance customers. These are accessible and usable upon the user being listed as an eligible recipient under each organization's contract with iSTRONG. This includes agreeing to the terms and conditions of iSTRONG services for using them as a service recipient. Users must provide accurate identity verification information upon registration and adhere to service conditions set forth by the service provider. Users must register (Register) using identity verification codes before using or logging in (log in) by entering the username and password, phone number for receiving a temporary password (OTP) via SMS, or correct identity verification information. They must also comply with the methods and conditions of service as set by the service provider.

2.3 Users are responsible for securing their own information. The use of iSTRONG services via another person using the user's credentials, or automatic login devices, binds the user as if they had accessed the services themselves. Users are responsible for any liabilities arising from such use, except where proven otherwise due to service provider error or force majeure. Additionally, the application's limitations in data accuracy are acknowledged, but balanced with the provider's obligation under the PDPA to protect user data.

2.4 Features of the iSTRONG application in terms of services for the general public, corporate employees, and health insurance customers include services that users can access 24 hours a day (except in cases where the application developer or service provider temporarily suspends services for system maintenance or in cases of malfunction or other circumstances) according to additional methods and conditions set within the application or in receiving services from the service provider (if any). The service provider may add other features or change or cancel these features in the future, including the following:

(1) Mood Check, a daily emotional survey

(2) Display of general information of the service provider, which users can view and search for related information through the consultant service menu

(3) General articles, knowledge, and various public relations news, accessible to users through knowledge sources and public relations news prepared and opened publicly by the iSTRONG application

(4) Appointment services for discussions with service providers, under terms agreed with the iSTRONG application

(5) Assessments on the iSTRONG application that are open to the public, including access to one's own assessment history.

2.5 Corporate employee users will have access to additional special features from section 2.4, including premium articles and specific assessments provided exclusively for corporate employees.

2.6 Users who are representatives of organizations that purchase comprehensive services for their employees will have access to special features, such as viewing their own corporate employee usage summary (Dashboard) and pulling monthly, quarterly, or annual usage reports. They cannot access or retrieve usage data that can identify individual users.

2.7 Users accept that any transaction or action through the iSTRONG application, regardless of the features used, according to the methods and conditions set by the service provider, is considered accurate, complete, and legally binding on the user.

2.8 Users acknowledge that for some services that are part of iSTRONG, the provider may source text or data from external individuals or entities, or the provider's information system may be connected with external systems. iSTRONG cannot guarantee the accuracy or completeness of such text or data. Moreover, iSTRONG is not involved and does not endorse or guarantee any information, products, services, offers, and/or benefits produced and/or provided by external individuals or entities. iSTRONG is not liable to users or any third parties for any damages arising from the use of such text or data, or any other incidents resulting from the advice, services, or products of other individuals or entities.

2.9 Users agree and accept that the use of the iSTRONG application and iSTRONG services is a supplementary service of the provider and cannot replace therapeutic healthcare services and direct medical treatment. It is not a channel for requesting services in emergency or urgent situations. iSTRONG and the service provider are not liable for any damages or malfunctions arising from the use of this application and/or iSTRONG services, whether due to force majeure, circumstances beyond the control of iSTRONG and the service provider, system malfunctions or defects, operational errors of the provider's personnel or contractors, or other causes.

2.10 iSTRONG reserves the right to refuse service, or to change, suspend, or cancel iSTRONG services or certain features of the application at any time. In the case of suspension or cancellation of all iSTRONG services, users will be notified at least 30 days in advance, except in cases of force majeure or urgent necessity, in which case users will be notified as soon as possible.

2.11 Users accept that, as far as the relevant laws permit, the use of the iSTRONG application and iSTRONG services is solely at the user's own risk. The application and iSTRONG services are provided "as is" and "as available," possibly including all defects. iSTRONG and the service provider make no warranties regarding the application and iSTRONG services, whether express, implied, or statutory, including but not limited to implied warranties and/or conditions of merchantability, satisfactory quality, fitness for a particular purpose, accuracy, precision, and non-infringement of third-party rights.

2.12 While every effort is made to ensure accuracy and completeness, users acknowledge the potential for inaccuracies due to technical and other limitations. iSTRONG strives to comply with PDPA regulations, actively protecting user data and taking reasonable measures to ensure the integrity of the services provided.

2.13 Users acknowledge and accept that in providing services, the provider and iSTRONG merely receive information and offer guidelines for decision-making and solutions for the service recipients only, without the right to compel the service recipients to act or refrain from acting. Decisions made after receiving services are beyond the responsibility of the provider and iSTRONG.

2.14 Users must be at least 20 years old and legally capable of entering into contracts and complying with various terms and regulations under Thai law to use this service independently. If the user is a minor (under 20 years old) and needs to use the service, a legally competent parent or guardian must be present during the service and agree to the terms of service. The guardian can register and use the service on behalf of the minor under their care.

2.15 Users are prohibited from using the iSTRONG services improperly, such as interfering with the services or attempting to access them in ways beyond what the iSTRONG application provides and advises. Users must use iSTRONG services only as permitted by law, including export and re-export control laws and regulations. iSTRONG may suspend or stop providing services to users who do not comply with iSTRONG's terms and policies or if iSTRONG detects suspicious behavior that is incorrect.

2.16 Using this service does not grant users any intellectual property rights in the service or content accessed. Users cannot use the content in the service unless authorized by the content owner or as permitted by law. This condition does not grant users the right to use any branding or logos used in iSTRONG services. Users are prohibited from exporting, concealing, or modifying any legal notices displayed in or with iSTRONG services.

2.17 Some iSTRONG services can be used on personal mobile devices. Users are prohibited from using such services in a manner that causes distraction and prevents them from complying with traffic laws or safety regulations.

3. Use of Expert Consultation Services

3.1 Service recipients must accept the terms and conditions of the service beforehand. Both the service recipient and provider agree to strictly adhere to the specified dates, times, and other conditions.

3.2 Service users must make appointments with providers in the iSTRONG application system, providing minimum information as per the conditions set realistically, to ensure the highest benefits and quality of consultation and services.

3.3 Service users must schedule appointments at least 30 minutes before the desired consultation time.

3.4 Service users can choose the method of conversation, either by phone or through the iSTRONG application using only voice or video call.

3.5 Service recipients can change or cancel appointments at least 1 hour in advance for phone or video call consultations, except in cases of emergency or unavoidable necessity. This requires reasonable explanation through various contact channels. Otherwise, it will be considered that the service has been fully rendered, and the service recipient must bear the responsibility for the actual usage hours incurred, without any possibility of refund or waiver under any circumstances.

3.6 Service providers can change or cancel appointment times at least 4 hours in advance for face- to-face consultation services, except in cases of emergency or unavoidable necessity. This also requires reasonable explanation through various contact channels. Otherwise, it will be considered that the service has been fully rendered, and the service recipient will be charged for the usage hours, without any possibility of refund or waiver under any circumstances.

4. Complaint Resolution Process

4.1 To protect the rights of the complainants and the information providers acting with honest intent, iSTRONG will keep the names, addresses, or any information that can identify the complainant or information provider confidential. Only the responsible personnel handling the investigation of the complaint will have access to this information.

4.2 It is the duty of those receiving information related to the complaint to maintain the confidentiality of the information, complaint, and evidence provided by the complainant and information provider. Disclosure to unrelated persons is prohibited unless required by law.

4.3 Upon receiving a complaint, iSTRONG will immediately consider the issue and notify the relevant departments to investigate the facts related to the complaint and take appropriate corrective actions.

4.4 iSTRONG will periodically follow up on the progress, and the relevant departments will inform the complainant of the outcomes within a suitable timeframe.

4.5 Channels for Submitting Complaints

Complainants can submit their complaints with details of the issue, along with their name, address, email, and a contactable phone number through the following channels:

Channel 1: Through the website www.istong.co, on the 'Contact Us' page.

Channel 2: Via email, sent to [email protected].

Channel 3: Through LINE, ID @istrong.

4.6 The team will promptly address every complaint and contact the complainant within 3 business days to inquire further about the issue.

5. Other Terms and Conditions

5.1 In agreeing to or accepting these terms and conditions of service, the user affirms that they are either the user of this application or are legally authorized to act on behalf of such a person, having acted for the benefit and purpose of the user's operation. In cases of acting on behalf of someone, if that person is capable of understanding and deciding on these iSTRONG service terms and conditions, the user confirms that they have provided information and explained to that person, who has understood and consented to the actions taken on their behalf as far as possible.

5.2 In cases where the user has not yet registered for the application, or has not signed an agreement accepting the terms and conditions of service with the iSTRONG application, or has been exempted from such agreement in writing by the service provider, the user accepts that this does not invalidate the agreement or acceptance of these terms and conditions, and other terms and conditions in the application or in using iSTRONG services (if any) made electronically. Such electronically made agreements and acceptances are legally valid in every respect until later canceled or amended.

5.3 Users consent to the processing of personal data as per the PDPA and other applicable laws. The terms and conditions, as well as user consent for data processing, are binding and equivalent to a signed agreement. The service provider may update these terms, with notification provided through suitable channels. Non-agreement to updated terms may result in service suspension, with no liability for damages on the provider's part.

5.4 In cases where these terms and conditions conflict or are inconsistent with the iSTRONG service terms and conditions signed in writing with the service provider, or conflict with other terms and conditions in the application or in using iSTRONG services, the user agrees to abide by the most recent agreed-upon or accepted terms and conditions in the conflicting parts. Other terms and conditions remain binding unless otherwise specified. Additionally, if any part of the service terms and conditions becomes ineffective or unenforceable for any reason, the user accepts that this will not affect the binding nature of other parts of the terms and conditions.

5.5 Intellectual property clauses, though not directly related to the PDPA, must comply with all legal requirements concerning data protection. Users must not infringe on intellectual property rights, respecting the lawful use of service content and adhering to data protection regulations.

5.6 Prohibited uses of the service, while not PDPA-specific, are expected to align with overall legal requirements for data protection. Users must not misuse the application or services in ways that could compromise data security or violate the law.

5.7 The user agrees not to use the iSTRONG application or services in the following manners, which if found or reasonably believed to occur, may lead to the suspension or cancellation of the user's access to all or part of the iSTRONG services.

(1) To misrepresent identity, qualifications, or facts about the user.

(2) In a manner that is against the objectives, violates laws or good morals, or causes damage to the service provider and iSTRONG.

(3) To attack, hack into, interfere with, disturb, or disrupt systems related to this application or iSTRONG services, or to attempt unauthorized access, forwarding, or disclosure of personal data of others or other confidential information, or illicitly modify system data, constituting an attack on cybersecurity or personal data protection, or committing an offense under computer-related laws.

(4) To introduce into the computer system distorted, falsified, false data, or data constituting an offense against the security of the kingdom.

(5) To introduce into the computer system data that is obscene, against good morals, inappropriate, or might cause damage or legal liability to the service provider and iSTRONG.

(6) In any other manner that violates the terms of use or service set within the application or in the iSTRONG services, or as determined by the service provider.

5.8 If the iSTRONG user previously agreed or accepted the iSTRONG service terms and conditions of the iSTRONG application or the iSTRONG service terms and conditions for user operation made electronically, such agreement or acceptance is hereby canceled, and the terms and conditions of this document shall replace them, except for the service terms and conditions made in writing with the service provider (if any), which shall remain in effect until canceled or further amended, and the iSTRONG service terms and conditions for recipient operation by the service provider (if any), shall be as specified in section 4.4.

Effective date: December 30, 2023.