2. Personal Data
“Personal Data” means any identified information about you which may be collected directly or indirectly from you, other sources, and our affiliates, service providers, business partners, official authorities, or third parties, including our service providers and public sources.
“Sensitive Data” means Personal Data classified by law as sensitive data which shall be collected, used, and/or disclosed if we have obtained your explicit consent or as permitted by law.
3. Types of Data/Information
Personal identity details include but not limited to your full name, gender, age, occupation, work place, education, nationality, date of birth, marital status, information obtained from government-issued/official documents.
Contact details include but not limited to your residential address, telephone number, mobile number, email address, and other communication relevant information.
Account and financial details include but not limited to your passbook, credit card/debit card information, utility bills, bank account, proof for source of wealth and/or source of funds, personal assets details, payment details, and service/products details.
Transaction details include but not limited to a type of products, price, quantity, order number, code, trading history and balance, payment and transaction records relating to your assets, financial statements, liabilities, taxes, revenues, investments, trade information, and other relevant information which may be requested/obtained.
Technical details include but not limited to your IP address, web beacon, log, device ID, device type, network details, connection details, access details, single sign-on (SSO) details, video and voice recordings, transaction log, login log, access times, cookies, search and browsing details, browser type and version, geological information, browser plug-in types and versions, operating system and platform, and other technical information the Company collected through your usage of our application.
Profile details include but not limited to your account identifiers, username and password, PIN ID code for trading, interests and preferences, activities, investment objectives, investment knowledge and experience, and risk tolerance.
Communication or Usage details include but not limited to information on how you use the platform/application, products and services.
Sensitive Personal Data
Sensitive data is personal data which is categorized under laws and required the Company to obtain an explicit consent from clients in order to perform and/or provide services. Therefore, this shall be in relation to legal obligations, the information shall be specifically or regarding to ethnicity, race, political/philosophical opinions, sexual orientation, medical/criminal records, and other information may be considerably comparable as sensitive data.
4. Methods of Data Collection
The Company collects and receives your personal data; directly, indirectly, and via third parties.
A direct way of personal data obtained is by clients. As you input your personal data on our platform or by any means provided by us, such as; clients making inquiries, submitting forms, applying for services, and other communications interacting with the Company.
An indirect method is when the Company automatically collects clients’ personal data via the Company’s system or platform, such as; browsing history, cookies, or other technical methods.
The Company usually have third parties to provide personal data of clients in relation to legal obligation, regulatory requirements and other laws which related to Company’s services and products. Third parties can be an issuer of digital assets, asset management companies, service providers, government organizations, recruiters.
5. The Purpose of collection, use or disclosure of Personal Data
- An explicit consent must be provided to collect, use, and/or disclose Sensitive Data as known as Personal Data pertaining to racial, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data, biometric data, or of any data which may affect the data subject in the same manner. Also, consent is required by you for us to provide promotion details, marketing communications, including special offers.
- To cross-border transfer your Personal Data to a country which may not have an adequate level of data protection according to the rules on the protection of personal data for which consent is required by law.
- For other legal grounds whereby we can collect, use, disclose and/or cross-border transfer your Personal Data by relying on the following grounds: (1) a contractual basis, when a contract is agreed upon and we are able to proceed further actions to initiate and/or fulfill our contractual conditions; (2) a legal obligation; (3) a legitimate interest of ourselves and third parties; (4) vital interest, for preventing or suppressing a danger to a person’s life, body or health; and (5) public interest, for the performance of a task carried out in the public interest or for the exercise of official actions.
6. Disclosure or Transfer your Personal Data
The Company may disclose and/or transfer your personal data within Thailand and/or overseas to any of its affiliates, service providers, and/or third parties who are related in working with the Company to perform, provide, and/or fulfill Services, process the information on behalf of the Company, and in order to accomplish any purpose related to the services provided. Including, any request from government agencies, authorities, regulators, and courts, all in accordance with applicable laws.
For cross-border transfers, we may disclose or transfer your Personal Data to overseas third parties or servers, and may to those countries with different data protection standards from Thailand.
7. Transfer and Off-Shore Clients’ Personal Data
8. Retention period of Personal Data
Your Personal Data will be retained as required by applicable laws and regulatory obligations. The information will be securely kept for necessary purposes of our Services provided and its continuation, therefore your Personal Data can be kept up to 10 years after you exit our services unless otherwise stated or required by laws. Once we decide not to retain personal data, we will destroy, or delete your Personal Data.
Most websites allow you to control, accept or not to accept Cookies. You can adjust the settings on your browser or within your mobile device so that you will be notified when you receive a cookie. You may, at any time, disable the cookies by changing the settings on your browser or via your mobile device. If you reject Cookies, your access to our services or functions may be limited.
- Personal Data related to third parties
- Personal Data used by minors, incompetent persons or quasi-incompetent persons
Our activities are not allowed for minors, incompetent persons and quasi-incompetent persons. However, if we unintentionally receive these persons’ Personal Data in any cases, we do not knowingly collect Personal Data from customers who are minors without their parental or legal guardian consent, as a case maybe, when it is required, or from incompetent persons or quasi-incompetent persons without their custodian or the curator, as a case maybe. Moreover, if we learn that we have unintentionally collected Personal Data from any minor without parental or legal guardian, as a case maybe, when it is required, or from incompetent person or quasi-incompetent person without their custodian and curators’ consent, we will delete it immediately or continue to process such Personal Data if we can rely on other legal bases apart from consent.
10. SECURITY OF YOUR PERSONAL DATA
We place great emphasis on ensuring the security of your personal data. We regularly review and provide reasonable and appropriate physical, technical and organizational security measures when processing your personal data.
Moreover, our employees are trained to handle the personal data securely and with respect, failing which they may be subject to disciplinary actions.
11. The Rights to your Personal Data
- Rights of Data Subject
In regards with the data subject, you have the rights of your Personal Data subject to the conditions under the Personal Data Protection laws. If you wish to make any request, you can contact us via information provided in this policy.
- Right to Access
You have the right to access your Personal Data by making a request to us to provide you a copy of such Personal Data, by any means aligned with the requirements under the Personal Data Protection laws, including how the Company disclose, collect, or use your Personal Data without requiring your consent, as allowed under the Personal Data Protection laws.
- Right to Data Portability
You have the right to obtain your Personal Data in the format which is readable or commonly used by ways of automatic tools or equipment, including to request to send or transfer your Personal Data to another Data Controller or to you, unless it is technically unfeasible to do so. Your rights to data portability shall be in accordance with the requirements under the Personal Data Protection laws.
- Right to Object
You have the right to object a processing of your Personal Data, and the Company will conduct accordingly to the conditions under the Personal Data Protection laws.
- Right to Erasure
You have the right to request to delete, destroy, suspend, restrict, or anonymize your Personal Data in any deemed appropriate circumstances under the Personal Data Protection laws.
- Right to Restriction
You have the right to request a restriction to the processing of your Personal Data in certain circumstances under the Personal Data Protection laws.
- Right to Rectification
You have the right to request a rectification of your Personal Data whereby the information is inaccurate, not up-to-date, incomplete, or misleading.
- Right to Withdraw Consent
You have the right to withdraw a consent provided to the Company for any processing on the legal basis whereby the Company is dependent on your consent and still taking a possession of your Personal Data.
- Right to Lodge a Complaint
If you have any concerns or questions of the Company’s mandates in relation to processing of your Personal Data, please contact Company via the Company’s contact info provided herein the policy. If there should be any suspect or alleged infringement in accordance with Personal Data Protection laws, you have the right to lodge a complaint.
The Company shall consider and proceed your request within 30 days after the Company received such request. Company will apply our best effort of the capability of the relevant systems to facilitate and carried out at your request.
13. Contact Us