Collection of personal data
The Company collects personal information received directly from customers through the following channels:
- Membership registration
- Phone
Types of personal data collected
Personal information
Such as name, surname, age, date of birth, nationality, ID number, passport, etc.
Contact information
Such as address, phone number, email, etc.
Account information
Such as user accounts, usage history, etc.
Proof of identity
Such as a copy of your ID card, a copy of your passport, etc.
Transaction and financial information
Such as purchase history, credit card details, bank account, etc.
Technical information
Such as IP Address, Cookie ID, website usage history (Activity Log), etc.
Other information
Such as images, motion pictures and any other information that is considered personal data under the Personal Data Protection Act.
Minor
If you are under 20 years of age or have limited legal capacity, we may collect, use or disclose your personal information. We may require your parent or guardian's consent or as otherwise permitted by law. If we learn that personal information has been collected from a minor without parental or guardian consent, we will take steps to delete that information from our servers.
How to keep personal data
We will retain your personal data in both paper and electronic formats.
We hold your personal data as follows:
- Our company servers in Thailand
- Our company servers overseas
- Overseas server providers
Processing of personal data
We will collect, use or disclose your personal data for the following purposes:
- To create and manage user accounts
- To deliver goods or services
- To improve products, services or user experiences
- For internal management of the company
- For marketing and promotion
- For after-sales service
- To collect feedback
- To pay for goods or services
- To comply with the Terms and Conditions
- To comply with the laws and regulations of government agencies
Disclosure of Personal Information
We may disclose your personal data to others with your consent or where permitted by law, as follows:
Internal management
We may disclose your personal information internally as necessary to improve and develop our products or services. We may collect information internally for products or services under this Policy for the greater benefit of you and others.
Service Provider
We may disclose some of your personal information to our service providers as necessary to perform their duties such as payments, marketing, product or service development, etc. Our service providers have their own privacy policies.
Business partners
We may disclose certain information to business partners to contact and coordinate the provision of products or services and provide information as necessary regarding the availability of products or services.
Law enforcement
In the event that a law or government agency requests it, we will disclose your personal data as necessary to government agencies such as courts, government agencies, etc.
Transfer of personal data abroad
We may disclose or transfer your personal data to persons, organizations or servers located overseas, and we will take measures to ensure that the transfer of your personal data to the destination country provides adequate privacy standards or as otherwise required by law.
Period of storage of personal data
We will retain your personal data for as long as necessary during the course of your relationship with us or for as long as necessary to fulfil the purposes related to this policy, which may be required to be retained thereafter. Where required by law, we will delete, destroy or anonymize your personal data when it is no longer necessary or when that period expires.
Rights of personal data owners
Under the Data Protection Act, you have the following rights:
Right to withdraw consent
If you have given your consent, we will collect, use or disclose your personal data, whether that consent was given before the effective date of the Data Protection Act or afterwards. You have the right to withdraw your consent at any time.
Right to access
You have the right to request access to the personal data we hold about you and to request that we provide you with a copy of that data, as well as to request that we disclose how we obtained your personal data.
Right to data portability
You have the right to obtain your personal data where we have made it available in a format that is machine-readable or usable by automated tools or devices and can use or disclose the personal data by automated means, to request that we transmit or transfer the personal data in such a format to another data controller where this can be done by automated means, and to request that we transmit or transfer the personal data we have transmitted or transferred in such a format directly to another data controller, unless this is not possible for technical reasons.
Right to object
You have the right to object to the collection, use or disclosure of your personal data at any time if the collection, use or disclosure of your personal data is required for the performance of a task carried out under our legitimate interests or those of another person or entity, not to the extent that you can reasonably expect it to be done, or to carry out a task carried out in the public interest.
Right to erasure/destruction
You have the right to request that your personal data be erased or destroyed or anonymized if you believe that your personal data has been collected, used or disclosed unlawfully or that we no longer need to retain it for the purposes related to this Policy, or where you have exercised your right to withdraw your consent or object as stated above.
Right to restriction of processing
You have the right to request that we temporarily suspend the use of your personal data in the event that we are investigating your request to exercise your right to rectify or object to your personal data, or in any other case where we no longer need to delete or destroy your personal data in accordance with applicable law, but you request that we suspend the use instead.
Right to rectification
You have the right to request that your personal data be corrected to keep it accurate, current, complete and not misleading.
Right to lodge a complaint
You have the right to lodge a complaint with a relevant legal authority if you believe that the collection, use or disclosure of your personal data violates or fails to comply with relevant laws.
You may exercise your rights as a data subject above by contacting our Data Protection Officer as detailed at the end of this Policy. We will inform you of the results of our actions within 30 days from the date we receive your request to exercise your rights, using the form or method we specify. If we deny your request, we will inform you of the reasons for the denial via various channels, such as text message (SMS), email, telephone, letter, etc.
Personally Identifiable Technology (Cookies)
To make your user experience more complete and efficient, we use cookies and similar technologies to improve access to our products or services, provide appropriate advertising, and track your usage. We use cookies to identify and track website users and their access to our website. If you do not want to have cookies placed on your computer, you can set your browser to refuse cookies before using our website.
Security of Personal Data
We will maintain the security of your personal data in accordance with the principles of confidentiality, integrity and availability to prevent loss, access, use, alteration, modification or disclosure. In addition, we will provide personal data security measures, which include administrative safeguards, technical safeguards and physical safeguards regarding access or control of personal data (access control).
Notification of personal data breach
In the event of a breach of your personal data, we will notify the Office of the Personal Data Protection Commission without delay, within 72 hours of becoming aware of it, as far as practicable. Where the breach involves a high risk of affecting your rights and freedoms, we will inform you of the breach and provide you with remedies without delay via various channels, such as website, text message (SMS), email, telephone, letter, etc.
Privacy Policy Amendments
We may amend this Policy from time to time, and you will be able to view the amended Terms and Conditions of this Policy via our website.
This Policy was last modified and is effective as of May 10, 2021.
Privacy policies of other websites
This Privacy Policy applies only to the offering of products, services and use of the website for our customers. If you visit any other website, even through our website, the protection of personal information will be subject to the privacy policy of that website, which we have no affiliation with.
Contact details
If you have any questions about this Privacy Policy, including exercising your rights, you can contact us or our Data Protection Officer as follows:
Personal Data Controller
The company provides franchise management system services at service points.
COD Terms of Service
- To use the COD service, customers must apply for COD with their national ID card and bank account information to receive a refund. There can be only one account, and the account name must match the name on the national ID card registered in the system.
- If new information is entered, you will have to wait until the new information is confirmed before it can be used.
- When the customer has filled in all the information and pressed confirm, the COD parcel can be sent immediately. Mysave will check the documents for about 1-2 business days. If the information is incorrect, a Mysave officer will contact you to fill in the new information. If the information is incorrect, the COD money cannot be refunded to you.
- Conditions for receiving COD (Cash On Delivery) After the service provider receives the COD money from the shipping company, the service provider will return the COD money to the sender on the next business day without interest, except Sundays and public holidays.