“Personal Data” means the information relating to a person, which enables the identification of such person, whether directly or indirectly. The Company may collect the following personal data for the Services:
The Company may receive the User’s Personal Data from the following source:
The Company shall collect, use, or disclose Personal Data under the legal basis and in accordance with the following purposes:
The Company shall collect, use, or disclose Personal Data according to Article 3. The Company may disclose Personal Data and services’ information to other parties, such as the Company’s affiliates and subsidiaries, personal data processors, government agencies, IT service providers, financial institutions, customer support service providers, marketing and advertising agencies, and persons or juristic persons which the Company and/or the User is the contractual party with, with the consent of the User or when it is allowed by law. The Company may disclose Personal Data for various purposes, such as for analyzing and improving its Services, for collecting statistical data and research, for promotions and public relations, for management review, for fraud prevention, and for identifying the User.
The Company may need to transfer the User’s Personal Data to persons, foreign agencies, or international organizations that do not have adequate personal data protection standards.
The Company shall not disclose and use Personal Data other than the intended purpose unless the consent from the User is obtained, or in accordance with the contract the company has made with the User, or when it is required by court order or by law to do so, or when the Company is asked for cooperation to assist government officials to prevent frauds which do not interfere with the confidentiality of Personal Data or to support the benefit of public interest or legitimate rights.
In case the Company requires additional Personal Data, the Company shall inform the User as seen appropriate to obtain the User’s consent as well as notifying of the consequence in case the User refuses.
As the data subject under the PDPA, the User has the following legal rights:
However, the Company is entitled to deny any of the request if there is any specific legal ground allowing the Company to do so or if the request deemed fraudulent or unreasonable including the request which is not in accordance with the law and/or which may deem impractical to do so.
If the User does not give consent to the Company to collect, record, or use of Personal Data as specified by the Company, the Company may be obliged to refuse or suspend the Services due to the inconsistency with the Company’s purposes and/or relevant laws or regulations. The consideration and approval of the use of the Services is at the sole discretion of the Company.
In the event that the User does not give consent to the Company to use the information other than that allowed by the contract and by law the User can still access to the Services but may not receive the same level of services and benefits.
In the event that the Company requires to collect, use, or disclose Personal Data of a legally incompetent person, such as a minor (under 20 years of age), a person who has been ordered by the court to be a quasi-incompetent person, or a person who is legally incompetent, the Company shall conduct in accordance with appropriate procedures and the standards prescribed by law.
The company maintains measures for the security of Personal Data by establishing a secured area and/or deploying technology to prevent data loss, data access, data use, destruction of data, and data misuse including changing, modifying or disclosing of data inappropriately