The Time Queen Co., Ltd.
What kind of PII is being Processed?
In order to perform the required services and features defined on the Platform, the Company would need to collect and process the following PII from the User:
1 Directly Identifiable PII such as name, age, nationality and date of birth
2 Contact information such as an address, phone number, and e-mail address
3 Payment information such as the payment transaction information, bank account information and credit card information
4 Transactional data, such as username – password and logs, transaction number and history that the User transact and use the Service, including the gathered preference and interest from the transactional behaviour
5 Technical PII such as IP address number, the Service usage information, and web browser status and setting that have been used to connect to the Service.
How the Platform is processing the User’s PII?
2 The Company would need to collect and analyze the PII of the User in order to assess the User’s interest with an aim to provide customized and personalized privileges or service that would meet your interest and preference and to improve our customer’s experience with each relevant User;
3 The Company would need to collect and restore the User’s PII in order to assure the appropriate after-sale service provided by the Company in various forms, including the satisfaction survey or the support and complaint redress function;
4 The User would need to collect and restore the User’s PII as obliged under the applicable laws and regulations, for instance, for the withholding tax payment purpose.
The Company would need to collect and store the PII of each relevant User for the defined purposes for as long as the User is still the registered User on the Platform and for 3 (three) years after the User termination, except the relevant laws and regulations defined otherwise. The storage of the PII after the User termination would be necessary for the legitimate interest of the Company in the legal proceedings that the Company may have against the relevant User.
Disclosure of the PII
In order to assure the performance of the Platform as committed, the Company may need to disclose the User’s PII in the following circumstances:
1 To disclose the User’s PII to the outsourced service providers engaged in the performing direct service to the Platform, including without limitation the advisors and auditors as well as the logistic service provider; provided that the Company shall only disclose the User’s PII to the relevant recipient strictly on the need to know basis in strict compliance with the defined objectives for PII process defined;
2 To disclose the User’s PII in the usage of the storage service on Computer System Google Cloud Platform, On-premise, Amazon AWS;
3 To disclose the User’ PII to third party in the legal proceedings to protect the Company’s legitimate rights or to detect and prevent any fraud on the Platform; provided that such disclosure shall be done on the limited and specific purposes as defined.
4 In case that the Company is obliged under the applicable laws, court judgment or administrative order to disclose any PII of any particular users, the Company would need to do so only on the necessary basis.
Representation on the Privacy Security
The Company represents and guarantees that the Company shall adopt the ‘Privacy-by-Design’ concept and shall use the most appropriate security measures to prevent the unauthorized access, amendment or disclosure of the PII in any form or in any circumstance by either internal or external persons and the Company commits to review those measures on the regular basis with the strong commitment to use the best industrial practice and to be in strict compliance with the applicable laws.
Data Subject Rights
The Company acknowledges and accepts the User’s rights as the data subject over their PII as defined under the applicable laws that include the following rights:
1 Right to withdraw consent: Users can withdraw their consent and request the processors to stop collecting their personal data.
2 Right of Access: Users can submit data access requests, which oblige processors to provide a copy of any personal data they hold regarding data subjects. This includes a request for a disclosure of platforms and methods from which the processors collected the data.
3 Right of Rectification: Users can request an update on inaccurate or incomplete personal data.
4 Right to Restriction of Processing: Users can request the service provider to limit the way their personal data is used.
5 Right to be informed: Users have the right to be notified about the collection of their personal data such as storage periods and purposes.
6 Right to Object: Users can object to the processing of personal data that is collected on the grounds of legitimate interests or the performance of a task in the interest/exercise of official authority.
7 Right to Data Portability: Users are permitted to obtain and reuse their personal data for their own purposes across different services.
8 Right to Erasure: Users can request that the service provider erase their data in certain circumstances, such as when the data is no longer necessary, the data was unlawfully processed or is no longer meeting the lawful ground for which it was collected. This includes the instance where the individual withdraws consent.
9 Right not to be subject to automated individual decision-making: the significant decisions will not be solely based on automated means.
The User can contact the Company in order to make the request to exercise any defined rights through the defined channel without any charge and the Company will consider and notify the User of the Company’s determination within 30 days after the receipt of the User’s valid request.
What are Cookies that the Company is using on the Platform?
Cookies are text files stored on the User’s computer browser directory or program data subfolder in order to keep a data log of the User’s internet usage and the User’s behaviour or interaction on the Platform. For the performance of the Platform, the Company need to use various types of Cookies for various purposes as defined below:
1 Functionality Cookies being used to record information about choices the User have made in the Platform such as personal settings, languages, and fonts so this would allows the Company to tailor our Platform features that would match the User’s preference setting;
2 Advertising Cookies being used to record the User’s on-site behavior and history of the Platform visited and this would allow the Company to provide the User the services and products that suit the User’s preferences and to assess the success of each function of the Platform.
3 Strictly Necessary Cookies are essential for the User to browse the Platform and use its features, such as accessing secure areas of the Platform.
Terms and Conditions’ Consent Form
This is to grant consent on the general use and sharing of personal data obtained by The Time Queen Company Limited, its parent and affiliates and their respective representatives and agents (collectively, the “Company”) from the customer or user (“Customer”) in the course of any transaction, between the Customer and the Company under this privacy notice.
1. Personal data, also known as personal information, is any information relating to an identifiable person such as name, address, telephone number, ID number, etc.
2. Source of personal data obtained
-Data that are directly and voluntarily provided by the Customer, for instance, when the Customer registers/ subscribes/ creates a personal profile in the Company website, or requests products/ services, or visits the Company website/ call center/ other contact channels, or other activities i.e. seminar, survey or roadshow.
-Data that are automatically collected via cookies or similar technologies when the Customer uses the Company services such as website or other application.
-Data that are obtained from the Company’s affiliates
-Data that are obtained from third parties such as
-Social media providers
3. Purpose to collect, store, process, transfer, disclose or share personal data
-Providing and improving the Company products and services, including administering, maintaining, managing, and operating such products and services;
-Personalizing relevant products and services according to the Customer profile;
-Providing news, marketing information and informing about the Company products and services;
-Managing customer relationships;
-Authenticating or confirming user identity when the Customer using the Company’s website or application accounts to ensure that all of communications between the Company and the Customer are secure and confidential;
-Administering the Company’s services for internal operations, including problem diagnosing and troubleshooting;
-Complying with the laws of any applicable jurisdiction;
-Other purposes specifically disclosed at the time the Company request further information.
4. Retention period of personal data
The Company will only keep the Customer personal data for a period of time that is appropriate and necessary for each type of personal data and for the purposes as specified, unless law requires or permits longer retention period.
5. Use, disclose or transfer of personal data
Personal data will be kept confidential but, subject to the provisions of any applicable law and only after having obtained such consent, may be provided to:
-Third-party service providers
-Governmental authorities and/or supervisory or regulatory authorities
The Company may disclose the Customer personal data to other person to the extent permissible under the consent or law. The persons or entities receiving such data will collect, use, and/or disclose the personal data to the extent permissible under the consent or related to this notice.
The Company may work with third-party service providers which the Company only share the Customer personal data with them so that they could assist in providing/delivering our services for the purposes stated. The Company takes steps to ensure that the Customer personal data remains protected and that the third parties which were shared the information will process it in accordance with our instructions and will not use it for their own purposes or benefits. Such measures may include entering into appropriate contracts with third parties.
The Company may disclose the Customer personal data in other limited circumstances, including responding to requests from government or public authorities or otherwise cooperating with authorities pursuant to a legal matter, in litigation, investigations, and other legal matters where the data is pertinent.
The Company implements measures to ensure appropriate security in personal data processing and preventing personal data breach. The Company has set out policies on personal data protection to prevent data receivers from using or disclosing the data outside the purposes or without authorization or unlawfully.
7. Your rights
Right to access and obtain copy – the Customer has the right to access and obtain copy of own personal data holding by the Company; unless such request is entitled to reject under the laws or court orders or adversely affect the rights and freedoms of other individuals.
-Right to rectify – the Customer has the right to rectify inaccurate personal data and to update incomplete personal data.
-Right to erase and restrict – the Customer has the right to request to delete, destroy, restrict the use or anonymise own personal data, unless there are certain circumstances where the Company has the legal grounds to reject such request.
-Right to withdraw consent – the Customer has the right to withdraw consent that has been given to the Company at any time pursuant to the methods and means prescribed by the Company; unless the nature of consent does not allow such withdrawal.
8. Contact us
If you have any suggestions or inquiries regarding collection, usage and/or disclosure of your personal data, you may contact the Company via the following channel: The Time Queen Co., Ltd. 8/168, Soi Suan Siam 9 Yeak 22, Suan Siam Road, Khannayao Subdistrict, Khannayao District, Bangkok, Thailand, 10230 (firstname.lastname@example.org)
I have completely read this notice, understood its contents and consent to the processing of my personal data.
I consent to the collection, use, processing, storage and retention of my personal data by the Company for the purpose(s) described in this notice.