Data Protection Notice for Customers
What is personal data?
Personal data is any information that relates to or identifies a living individual, both directly or indirectly. This also includes the collection of less explicit data that leads to an identification of a particular person.
Collection of Personal Data We may collect the following data from the users:
- Personal identification data including age, nationality, date of birth, etc.
- Contact information including address, phone number, e-mail address, etc.
- Payment data including bank account, payment method, etc.
- Transaction data including transaction number, purchase history, etc.
- On-site personal data including account name, password, personal interest regarding services, etc.
- Technical data including IP address number, log-in history, setting, web browser connection, etc.
- Marketing data including service satisfaction and feedback, etc.
- Access to Personal Data
We access user’s personal data through 2 main following channels:
We access personal data directly from the users via the collection during the provision of service including:
- User’s account registration, and the submission of application for any services
- User’s subscription of any marketing and sales information including advertisement and promotion
- User’s consensual agreement when filling out the survey
- User’s cookies when accessing the platform Mutual contact between users and service providers both offline and online such as email enquiries and phone calls
- User’s purchase of any particular service or product
- User’s log-in on both service provider’s platform and associated sites such as Facebook and Google
We collect personal data of the users indirectly from the third-parties in the following cases: Facebook Login, Google Login, LINE Login, e-mail & Password Login
Data Collection Objectives
We may collect and use user’s personal data for any or all of the following purposes:
- To perform obligations in the course of or in connection with our provision of the goods and/or services requested by the user
- To process the payment of a particular service or product such as tours, attraction tickets, transportation service, etc.
- For post-sale customer service such as promotions and feedback enquiries
- To verify user’s identity
- For marketing research and customer relationship optimization
- To comply with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority
- To transfer data to any unaffiliated third parties including our third party service providers and agents, relevant governmental and/or regulatory authorities, for the aforementioned purposes
Sharing Personal Data
We may share and disclose your personal data to third parties in the following circumstances:
To third-party service providers who require access to personal data in order to assist in the provision of the website, products and services, and other business-related functions such as website analytics providers or our third-party advertisement partners. These third-party service providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data.
We may also disclose visits information to third-parties:
Where required by law or regulatory requirement, court order or other judicial authorization
In response to lawful requested by public authorities including for the purposes of meeting national security and law enforcement requirements
In connection with the sale, transfer, merger, bankruptcy, restructuring or other reorganization of a business
- To protect or defend our rights interests or property, or that of third parties
- To investigate any wrongdoing in connection with the website or service
- To protect the vital interests of an individual.
We may also share Personal Information collected through the Website with third party companies so that they may offer products and services that we believe will be of interest to visitors, as well as third party advertising-serving companies to better target the adverts and other content displayed on website and to provide offers we think may be interests of visitors. The subscription of marketing is stated in the “Personal Data and Marketing Activities” section.
Personal Data Processing
After the collection of user’s personal data, we may store the data regarding the following processes:
Computer System including On-premise, cs loxinfo cloud We may use the collected personal data with the purposes mentioned in “Data Collection Objectives” We may disclose users personal data:
- to staff members under Secure Serve Co., Ltd., in order to perform obligations in the course of or in connection with our provision of the goods and services requested by users; or
- to third party service providers, agents and other organizations we have engaged to perform any of the functions with reference to the above mentioned objectives and for safety purposes.
Data Storage and Data Retention
We may store user’s personal data using the following systems:
- User’s personal data will be saved as soft copy data stored in our computer systems.
- User’s personal data will be saved in service provider’s devices, such as computers, phones, and tablets. This includes the mentioned Computer System (On-premise, cs loxinfo cloud). Data retention period will be illustrated in the “Data Retention” section below. Data Retention Period No.type of Personal Data
- Personal identification data including age, nationality, date of birth, etc. 10 years from contract termination date
- Contact information including address, phone number, e-mail address, etc. 10 years from contract termination date
- Payment data including bank account, payment method, etc. 10 years from contract termination date
- Transaction data including transaction number, purchase history, etc. 10 years from contract termination date
- On-site personal data including account name, password, personal interest regarding services, etc. 5 years from contract termination date
- Technical data including IP address number, log-in history, setting, web browser connection, etc. 5 years from contract termination date
- Marketing data including service satisfaction and feedback, etc. 5 years from contract termination date
Data Subject Rights
Data subjects have the following rights:
- Right to withdraw consent: Users can withdraw their consent and request the processors to stop collecting their personal data.
- Right of Access: Users can submit data access requests, which oblige processors to provide a copy of any personal data they hold regarding data subjects. This includes a request for a disclosure of platforms and methods in which the processors collected the data from.
- Right of Rectification: Users can request an update on an inaccurate or incomplete personal data.
- Right to Erasure: Users can request that the service provider erase their data in certain circumstances, such as when the data is no longer necessary, the data was unlawfully processed or is no longer meeting the lawful ground for which it was collected. This includes the instance where the individual withdraws consent.
- Right to Restriction of Processing: Users can request the service provider to limit the way their personal data is used.
- Right to Data Portability: Users are permitted to obtain and reuse their personal data for their own purposes across different services.
- Right to be informed: Users have the right to be notified about the collection of their personal data such as storage periods and purposes.
- Right to Object: Users can object to the processing of personal data that is collected on the grounds of legitimate interests or the performance of a task in the interest/exercise of official authority.
You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner
Note: There is no additional charge regarding the mentioned right entitlement, and users will be contacted within 30 days from the date of request e-mail : [email protected]
Secure Serve Co., Ltd.
1/18 Soi Ramintra 14 Yak 11/1, Tharaeng, Bangkhen Bangkok 10220
Contact detail :
Email address : [email protected]
Website : https://secureserve.co.th/