Privacy policies
We aim to be recognized as a leader company in Thailand in serving an international online remittance services with friendly supports, upscale security, and client’s satisfactions.
Effective date: 22/09/2023
This Privacy Notice applies to the following individuals:
- Customers of the Company
Individual Customers : Customers of the Company who are individual persons.
Business Organization Customers : Directors, shareholders, actual beneficiaries, employees, guarantors, and legally authorized representatives of the Company’s business organization customers, including other individual persons who have the authority to act on behalf of the business organization customer. In this regard, the Company recommends that business organization customers take steps to ensure that individuals with the authority to act or any related individual personsare informed about the Company’s Privacy Notice. - Non-Customers of the Company
This category includes individuals who are not customers of the Company, such as Individual persons who do not have any products or services with the Company. However, the Company may need to collect, use, or disclose your personal information. This may include individuals who visit the Company’s website or application, access services at the Company’s branches or offices, actual beneficiaries, directors, or legally authorized representatives of legal entities using the Company’s services. This also includes customers’ debtors or lessees, professional advisors, including directors, investors, and shareholders of the Company, as well as legally authorized representatives of such individuals and anyone involved in transactions with the Company or its customers.
Please note that links displayed on the Company’s platforms may lead you to external platforms. If you access external platforms, the processing of your personal information will be subject to the privacy policy of that external party. Therefore, the Company recommends that you read and understand the privacy policy of the external party when accessing those platforms.
How the Company Collects, Uses, or Discloses Your Personal Information
- Company’s Legal Obligations
As the Company operates under the supervision and must comply with applicable laws and regulations, the Company is required to collect, use, or disclose your personal information for various purposes to comply with laws and regulations of government agencies and/or regulatory bodies overseeing the Company. This includes but is not limited to the following purposes:- To comply with the Personal Data Protection Act and its amendments.
- To comply with the law (such as anti-money laundering laws, laws preventing and suppressing terrorism financing, laws preventing and suppressing financial support for terrorism and the proliferation of weapons of mass destruction, and other laws that the Company must comply with, both in Thailand and internationally). This includes conducting identity verification, background checks, Know Your Customer (KYC) processes, Customer Due Diligence (CDD), and other verifications (including checks from public databases of regulatory authorities and/or designated persons) and continuous operations to comply with any relevant laws and/or
- To comply with regulations and/or orders from authorities (such as court orders, orders from government agencies, regulatory bodies overseeing the Company, or authorized personnel).
- Agreements You Have Made with the Company
The Company will collect, use, or disclose your personal information based on your requests and/or agreements made with the Company. This includes, but is not limited to, the following purposes:- Processing your requests before entering into a contract with the Company, evaluating approval, and providing services to you, offering advice, and managing services, including any Company operations. Failure to perform these actions may affect the Company’s operations or the provision of services, impacting the fair and continuous delivery of services.
- Providing services to you through the Internet network (electronic system), mobile applications, and other online product platforms.
- Pursuing the collection of debts owed to the Company by you.
- Managing user accounts and/or financial accounts, and performing operations related to your user and/or financial accounts, including but not limited to processing requests or service requests, conducting transactions, generating account statements, and managing and closing user and/or financial accounts.
- Executing or engaging in transactions and/or making payments, such as processing payments or transactions, ensuring the successful outcome of transactions, debt collection activities, managing your relationship with the Company, and handling your existing accounts with the Company.
- Enforcing rights under the law or agreements with the Company.
- Providing IT support and a helpdesk, creating and maintaining your codes and user accounts, managing access to any system you are authorized to access, and canceling inactive accounts.
- Legal Basis Benefits of the Company
The Company will reference the legal basis while considering the benefits of the Company or other individuals with basic rights to your personal information that the Company may collect, use, or disclose. This includes, but is not limited to, the following purposes:- Managing the Company’s business and its subsidiaries or affiliated companies (such as regulatory compliance, risk management, financial and accounting management, audit, internal organization management, surveillance, prevention, and investigation of fraud, money laundering, terrorism, misconduct, or other criminal activities, including checking the reliability of any person related to the Company’s corporate customers, which may not be subject to actions required by law by law enforcement or regulatory authorities, including identity verification to prevent such crimes).
- Managing the relationship between the Company and you (such as customer care, satisfaction assessment, customer segmentation, complaint management).
- Developing and improving products, services, and various systems of the Company, including researching and analyzing data, as well as offering products, services, and benefits suitable for you while considering your basic rights to personal information.
- Recording all type of images, and/or sounds related to meetings, training, seminars, recreational or other activities (such as marketing promotion activities, community support activities, activities supporting the customer’s business, etc.), including using recordings for public relations purposes related to such meetings, training, seminars, recreational or other activities, both within and/or outside the Company.
- In the case of corporate customers of the Company, the Company may collect, use, and disclose personal information of directors, authorized representatives, or agents.
- Undertaking activities for the continuous operation of the Company’s business.
- Managing claims and disputes, filing lawsuits, and conducting legal proceedings related thereto.
- Preparing and/or presenting account names, account statements, and/or transaction reports in case you engage in any transactions with the Company.
- Preventing security risks (such as monitoring network activity logs, identifying security-related incidents, conducting security checks, and preventing any malicious, fraudulent, deceptive, or unlawful actions).
- Complying with applicable foreign laws.
- Conducting research, planning, and statistical analysis (such as data analysis, evaluation, surveys, and reports related to the Company’s products and/or services and your behavior).
- Organizing projects or promotional activities, meetings, seminars, and visits to various organizations (company visits).
- Facilitating accounting audits performed by auditors.
- Keeping, maintaining, and updating customer lists and directories (including your personal information), and storing contracts and related documents that may refer to you in such documents.
- Complying with reasonable business standards (such as management, training, auditing, reporting, risk control, analysis, planning, statistical analysis, and similar activities) and establishing business control to enable the business to operate, and ensuring that the Company can identify and resolve problems in the Company’s information technology (IT systems) for security, development, operation, and maintenance of IT systems.
- Your Consent
In some cases, the Company may request your consent to collect, use, or disclose your personal information to provide you with maximum benefits and/or to enable the Company to respond to your needs. This includes, but is not limited to, the following purposes:- Necessity to collect, use, or disclose sensitive personal data (such as using facial recognition data or photographs of your ID card, passport, or any work-related documents to verify and confirm your identity before transactions and customer onboarding (Know Your Customer).
- Collecting and using your personal information and any other data for research and analysis to maximize the development of products and services that genuinely meet your needs, and/or contacting you to offer products, services, and benefits tailored to you.
- Contacting you to provide information about products or services of the Company that you may be interested in (in cases where consent is required under the Personal Data Protection Act).
- Other operations that require your consent.
- Other Legal Bases
In addition to the legal bases mentioned above, the Company may collect, use, or disclose your personal information under the following legal bases:- To prevent or suppress a danger to life, body, or health.
- Necessity for the performance of duties in carrying out tasks for the public interest or for the exercise of official authority by employees.
- Creating historical documents or records for public interest or related to research or statistics.
- Company’s Legal Obligations
If the personal information collected from you by the Company is necessary for the Company’s compliance with its legal obligations or for entering into a contract with you, the Company may not be able to provide (or continue to provide) some or all of its products or services to you if you do not provide such personal information when requested by the Company.
2. Personal Information Collected, Used, or Disclosed by the Company
The types of personal information that the Company collects, uses, or discloses may vary depending on the scope of the services you may have used or are interested in. This includes both general personal information and sensitive personal information, including but not limited to the following information:
Data Types | Example of Personal Data |
Personal Details
|
|
Contact Details |
|
Details Used for Identification and Verification |
|
Work Details |
|
Financial and Relationship Information with the Company |
|
Market Research Data and Market Information |
|
Geographical Information and Details about Your Devices and Software |
|
Information for Verification |
|
User Account Access, Service Requests, and User Account Details |
|
Usage Details |
|
Sensitive Personal Information |
|
Consent-Given Mobile Phone Data |
|
Other Information |
|
3. Sources of Your Personal Data
Generally, the company collects personal data directly from you. However, in some cases, the company may obtain your personal data from other sources. The company will handle this in accordance with the Personal Data Protection Act. Personal data obtained from other sources may include, but is not limited to, the following:
- Information received from subsidiaries, affiliated companies, business partners, and any other individuals or entities with a legal relationship with the company.
- Information received from individuals associated with you (such as family members, friends, or referrals).
- Information received from organizational customers, where you act as a director, authorized representative, agent, delegate, or contact person.
- Information received from government agencies, regulatory bodies overseeing the company, financial institutions, credit reporting companies, and/or external service providers (such as publicly disclosed information, transaction data, and credit information).
If you provide personal data of other individuals to the company in transactions or other situations, you must inform those individuals about the details of the data collection, use, and disclosure, and obtain consent from them if necessary, or rely on other legal bases for providing their personal data to the company.
4. Disclosure of Your Personal Data
The company may disclose your personal data to individuals or organizations under the criteria set by the Personal Data Protection Act, including but not limited to the following:
- Government agencies and/or regulatory bodies overseeing the company (such as the Bank of Thailand, Electronic Transactions Development Agency, Office of the Insurance Commission, Anti-Money Laundering Office, Ministry of Digital Economy and Society, Revenue Department, and Ministry of Interior).
- Persons involved in cases of selling rights, claims, and/or assets, restructuring the organization, or merging the business of the company. This includes individuals that the company may need to share information with for the purpose of selling rights, claims, and/or assets, organizational restructuring, business transfer, financial arrangements, asset sales, or other transactions related to the company’s business.
- Debt collectors, lawyers, credit reporting companies, government agencies, or any other individuals or entities designated or authorized by the company to disclose personal data in accordance with laws, regulations, or orders.
- External service providers offering various services to the company (such as IT service providers, cloud computing service providers, including, but not limited to, representatives of the company abroad, correspondent banking, international payment system providers, and subcontractors or agents acting on behalf of the company).
- External individuals providing guarantees as third-party collateral.
Use of Cookies
The company may collect and use cookies and similar technologies when you use its products and/or services, including using the website, conducting financial transactions over the Internet, and using the company’s applications.
The collection and use of cookies and similar technologies as mentioned above help the company remember you, understand your preferences, and improve the way the company offers products and/or services to you. Cookies may be used for various purposes, such as enabling basic functions to work, helping the company understand how you use the company’s website or email, enhancing your online experience or communication with the company, and ensuring that online advertisements shown to you are more relevant and interesting. For details, please refer to the Cookie Policy.
Use of Personal Data for Original Purposes
The company has the right to collect, compile, and use your personal data that the company has collected before the effective date of the Personal Data Protection Act regarding the collection, use, and disclosure of personal data for the original purposes. If you do not wish the company to continue collecting, compiling, and using such personal data, you may notify the company to withdraw your consent at any time.
Data Security
The company employs internal security measures and strictly enforces policies to ensure the security of your personal data within the company. This includes data encryption and access prevention measures. The company requires its personnel and external contractors to comply with appropriate privacy standards and policies. This includes ensuring the secure maintenance of data and implementing suitable measures for the use or transmission of your personal data.
Data Retention Duration
The company will retain your personal data for the duration of your relationship with the company as a customer or in any relevant capacity, and for as long as necessary to achieve the purposes outlined in this policy. When you terminate your relationship with the company, the company will continue to retain your personal data thereafter for a period deemed necessary based on the retention period required by law or permitted by law. For example, data may be kept for 5-10 years after the termination of the relationship, depending on the case, in compliance with anti-money laundering laws. Additionally, the company may retain data for 10 years after the termination of the relationship in compliance with financial institution laws, accounting laws, and tax laws.
The company will undertake appropriate steps to delete or destroy personal data, or render it non-identifiable when it is no longer necessary or when the aforementioned time periods have elapsed.
Applicable Laws
This Privacy Policy is subject to interpretation and enforcement under Thai law, and the Thai courts have the authority to adjudicate any disputes that may arise or be related to this Privacy Policy.