Privacy Policy
Siam Takashimaya (Thailand) Co., Ltd. (the "Company", "we", "us", or "our") respects the importance of the protecting your rights regarding information relating to any identified or identifiable natural person ("Personal Data") from our products and services. We understand you would like to receive the required level of protection as required by the Thai applicable laws on data protection for how information about you is collected, used, disclosed, and/or transferred outside of Thailand. The information you share with us allows us to provide the products and services you need and want, appropriately tailored for you, and not only from us but also those within Siam Piwat Group. We provide data protection which includes protecting your Personal Data from being used without your permission beforehand.
This privacy policy (this "Privacy Policy") applies to our retail stores, websites, mobile applications, social networking sites, online communication channels, reward programs, events and activities, and other locations where we collect your Personal Data. However, please read this Privacy Policy in conjunction with the terms and conditions of particular service that you use, which may set out separately regarding the personal information we collect about you.
We may amend or change this Privacy Policy at any time we deem necessary with or without notice, so we suggest you to read this Privacy Policy every time before doing any transaction with us. We will also provide additional notice of significant updates to this policy.
1. What Personal Data we collect
We may collect, maintain, and use the following types of information which may include your Personal Data, directly or indirectly, from you, other sources, or through our affiliates, subsidiaries, other companies, business partners, or communications between us. The specific type of data collected will depend on the communication and interaction between you and us, your behaviour and transaction related to the services or products you need or want from us and within Siam Piwat Group.
-
1) Personal details,
such as title, full name, gender, age, blood type, nationality, date of birth, educational background, occupation, position, workplace, information on government-issued cards (e.g., national identification number, passport number, driver's license details, government official ID card, or similar identifiers), photograph, CCTV records, vehicle details (e.g., copy of vehicle registration book, license plate number, brand, and color), and other physical characteristics;
-
2) Contact details,
such as postal address, delivery details, billing address, telephone number, email address, LINE ID, and other ID from social networking sites;
-
3) Financial details,
such as credit card information (e.g., name and number), financial status, income and other financial related information;
-
4) Transaction details,
such as details about payment to and from you, payment date and time, purchased items and payment amount, branch that you received product or service, address/date and time for pick up or delivery, acknowledgement of receipt, receipt, invoices, transaction history, and transaction status;
-
5) Computer system, device and equipment details,
such as User ID, PIN, type of device, geography location, operating system, network information of the mobile, computer traffic information, and information of the use of service on website and application (e.g., searching history, date, and time)
-
6) Behaviour details,
such as information about your behavior, lifestyle, opinion, interaction and your location data in our building;
-
7) Profile details,
such as member card number, user or username, purchasing behaviour, and other details of products and services you have purchased, filed complaints about, claimed, complimented, and suggested;
-
8) Marketing and communication details,
such as your preference in receiving marketing from us, our affiliates, subsidiaries, third parties, business partners, and your communication preferences; and/or
-
9) Sensitive data,
such as religion, health data (e.g., allergic food), race/ethnic origin, and criminal record.
If you provide Personal Data of any third party to us, e.g., their name, family name, address details, and telephone number for emergency contact, family member income; please provide this Privacy Policy for their acknowledgement and/or obtaining consents where applicable.
We will only collect, use, or disclose sensitive data on the basis of your explicit consent or where permitted by law.
We only collect the information of children, quasi-incompetent persons, and incompetent persons where their parent or guardian has given their consent. We do not knowingly collect information from customers under the age of 20 without their parental consent when it is required, or from quasi-incompetent persons and incompetent persons without their legal guardian's consent. In the event we learn that we have unintentionally collected personal information from anyone under the age of 20 without parental consent when it is required, or from quasi-incompetent persons and incompetent persons without their legal guardians, we will delete it immediately or process only if we can rely on other legal bases apart from consent.
2. Why we collect, use, and/or disclose your Personal Data
2.1. The purpose of which you have given your consent:
-
1) Marketing and Communications:
To provide marketing communication, privileges, sales, discounts, public relations, notices, news, promotions, special offers, campaign, events, marketing activities, advertisement and direct marketing and information about the products and services from Siam Piwat Group, our affiliates, subsidiaries and/or business partners which we cannot rely on other legal bases.
-
2) Sensitive Data
- (1) Religion for authentication and providing supporting services (e.g. food preparation).
- (2) Health data (e.g. allergic food) for food preparation.
- (3) Race/ethnic origin, we collect race and ethnic origin in certain circumstances, such as from the tourist card application form. We will not use this data in a form that can identify you directly or indirectly. We may use this data in an anonymized format to create a business report or demand forecast report.
- (4) Criminal record, for security and prevention of fraud.
2.2. The purposes we may rely on and other legal grounds for processing your Personal Data
We may also rely on (1) contractual basis, for our initiation or fulfilment of a contract with you; (2) legal obligation, for the fulfilment of our legal obligations; (3) legitimate interest, for the purpose of our legitimate interests and the legitimate interests of third parties; (4) vital interest, for preventing or suppressing a danger to a person’s life, body, or health; and/or (5) public interest, for the performance of a task carried out in the public interest or for the exercising of official authorities.
We may collect, use, and/or disclose your Personal Data for the following purposes:
-
1) To provide products and services to you:
To enter into a written or unwritten contract and manage our contractual relationship with you; to process on your member registration, card registration, purchasing and activation; to carry out contract details, financial transactions, and services related to payments; to provide updates on your orders and on the delivery of the products; to remind you of your membership and gift card expiration; to check card balance and points collection; to offer and provide services or products related to financial products, banking loans, asset management, investments, insurance, electronic transactions, credit cards, cash cards, property, delivery services, transportations services, travel services and travel agencies; to process on invoice and receipt issuance; to exchange or return purchased products and refund the purchased price; to redeem points for gifts; to grant you access and to provide free Wi-Fi within the building area; to allow you to park your vehicle and take your vehicle out of parking area in case of lost parking ticket/card; to facilitate you on business trips; to deliver and/or return your items in case of lost & found; to provide aftersales services;
-
2) Marketing and Communications:
To provide marketing communication, privileges, sales, discounts, public relations, notices, news, promotions, special offers, campaign, events, marketing activities, advertisement and direct marketing and information about the products and services from us, Siam Piwat Group, our affiliates, subsidiaries and/or business partners;
-
3) Loyalty programs, rewarding programs, lucky draw and other offers:
To provide product display, procurement and support, special activities, rewarding programs point earning and redemption, gift, lucky draw, and all related services);
-
4) Recommendations and Personalization:
To recommend products and services that might be of interest to you, identify your preferences, and personalize your experiences;
-
5) Registration and Authentication:
To register, verify, identify, and authenticate you or your identity;
-
6) To contact and communicate with you:
To communicate with you on marketing communications, sales, special offers, promotions, notices, news, campaigns, events, marketing activities, advertisement and direct marketing and information about the products and services; to provide you information related to the products and services you obtain from us, within Siam Piwat Group, our affiliates, subsidiaries, and from our business partners; to process and update your information as our member; to handle customer service-related queries, requests, feedback, complaints, warranty claims, disputes or indemnity;
-
7) Profiling and data analytics:
To analyse your Personal Data (e.g., your behaviour, purchased products and services, purchased price, locations) for Marketing Activities, and development of our products and services; to conduct a profiling and data cleansing; to conduct market research, survey, behaviour tracking, statistics, segmentation, and consumption trends; to improve business performance and better adapt our content to your identified preferences; to forecast the product demands; to determine the effectiveness of our promotional campaigns;
-
8) To improve business operations, products, and services:
To manage and improve our services, products, and business operations for you and all of our customers within Siam Piwat Group, including but not limited to, our business partners; to assure quality of our products and service; to conduct legal consulting; to create dashboard and customer-spending reports; to identify and resolve of issues which may occur from our existing products and services; to track, manage and facilitate your experience on our sites, application and platform; to provide additional offer and services which may occur in the future;
-
9) To learn more about you:
To learn more about the products and services you receive, and other products and services you may be interested in receiving; for example, by looking at the types of products and services that you obtain from us, how frequently you access our building, and how you would like to be contacted; to learn more from your compliments, suggestions, and complaints;
-
10) Compliance with regulatory and compliance obligations:
To comply with legal obligations, legal proceedings, or government authorities' orders; to cooperate with courts, regulators, government authorities, and law enforcement bodies when we reasonably believe we are legally required to do so, and when disclosing your Personal Data is strictly necessary to comply with the said legal obligations, proceedings, or government orders; to handle tax payment, VAT refunds, and other fees;
-
11) Protection of our interests:
To protect the security and integrity of our business; to exercise our rights or protect our interest where it is necessary and lawful to do so; for example, to detect, prevent, and respond to fraud claims, intellectual property infringement claims, legal proceedings or violations of law; to manage and prevent loss of our assets and property; to secure the compliance of our terms and conditions; to process on IT security and IT system operation; to detect and prevent misconduct within our premises which includes our use of CCTV; to follow up on incidents, prevent, and report criminal offences;
-
12) Fraud detection:
To detect and prevent the use of the service without permission, or fraudulent or illegal means; to conduct legal and other regulatory compliance checks (e.g., to comply with anti-money laundering regulations), to perform internal audits and record checks, and other business controls;
-
13) Corporate transaction:
in the event of sale, transfer, merger, reorganization, or similar event we may transfer your information to one or more third parties as part of that transaction; and/or
-
14) Life:
To prevent or suppress a danger to a person’s life, body, or health.
If you fail to provide your Personal Data when requested, we may not be able to provide our products and services to you.
3. To whom we may disclose or transfer your Personal Data
We may disclose or transfer your Personal Data to the following third parties who collect, use and disclose Personal Data in accordance with the purposes under this Policy. These third parties may be located in Thailand and areas outside of Thailand. You can visit their privacy policy to learn more on how they collect, use, and disclose your Personal Data as you are also subject to their privacy policies.
3.1. Siam Piwat Group
As Siam Takashimaya (Thailand) Co., Ltd. is part of Siam Piwat Group which all collaborate and partially share customer services and systems including website-related services and systems, we may need to transfer your Personal Data to, or otherwise allow access to such Personal Data, by other companies within Siam Piwat Group for the purposes set out in this Privacy Policy. This will allow other companies within Siam Piwat Group to rely on consent obtained by Siam Takashimaya (Thailand) Co., Ltd.
3.2. Our service providers
We may use other companies, agents, or contractors to perform services on behalf or to assist with the provision of products and services to you. We may share your Personal Data to our service providers or third-party suppliers including, but not limited to (1) bank and financial institution; (2) logistic and courier service providers; (3) marketing, advertising media, and communications agencies; (4) event organizers; (5) telecommunications and communication service providers; (6) outsourced administrative service providers; (7) data storage and cloud service providers; (8) insurance company; (9) risk management service provider; (10) travel agencies; (11) building renovator and/or (12) internet, software, digital media, IT system service providers, and IT support company.
In the course of providing such services, the service providers may have access to your Personal Data. However, we will only provide our service providers with the information that is necessary for them to perform the services, and we ask them not to use your information for any other purposes. We will ensure the service providers we work with will keep your Personal Data secure as required under the laws.
3.3. Our business partners
We may transfer your Personal Data to our business partners. From time to time, we may cooperate with our business partners (e.g. shop tenants, rewarding program partners, credit card partners), whom we may jointly offer products or services, or whose products or services may be offered to you.
3.4. Third party sites
We may have advertisements which link to the other websites, mobile applications, social networking sites, online communication channels and such website, mobile application, social networking site, online communication channel may have its own terms of use or policy related to the use of the service and privacy policy which differ from the Company's Privacy Policy and Term of Use. We suggest you review such terms of use or privacy policy of such website personally.
3.5. Third parties required by law
In certain circumstances, we may be required to disclose or share your Personal Data in order to comply with legal or regulatory obligations. This includes any law enforcement agency, court, regulator, government authority or other third party where we believe it is necessary to comply with a legal or regulatory obligation; or otherwise to protect our rights, the rights of any third party or individuals’ personal safety, or to detect, prevent, or otherwise address fraud, security, or safety issues.
3.6. Professional advisors
This includes legal consultants, auditors or other consultants who assist in running our business, and the defending or bringing of any legal claims.
3.7. Assignee of rights and/or obligations
Third parties as our assignee, in the event of any reorganization, merger, business transfer, whether in whole or in part, will comply with this Privacy Policy to respect your Personal Data.
4. International transfers of your Personal Data
We may disclose or transfer your Personal Data to third parties or servers located overseas, which the destination countries may or may not have the same data protection standards. We take steps and measures to ensure that your Personal Data is securely transferred and that the receiving parties have in place suitable data protection standards or other derogations as allowed by laws. We will request your consent where consent to cross-border transfer is required by law.
5. How long do we keep your Personal Data
We shall retain your Personal Data for as long as is reasonably necessary to fulfil the purpose for which we obtained it, and to comply with our legal and regulatory obligations. However, we may have to retain your Personal Data for a longer duration, as required by applicable law.
6. Cookies and cache file and how they are used
If you visit our websites and applications, we shall track, collect, and record certain Personal Data by using cookies or other tracking technology.
We shall use a cache data to record your data. In case you use other devices to connect with our websites or applications, your data may be stored and recorded in form of a cache file; or the part of your data might be duplicated on the computer or mobile device for using next time, provided that we have no control related to the data or access of the cache file.
7. Your rights as a data subject
Subject to applicable laws and exceptions thereof, you may have the following rights to:
-
1) Access:
You may have the right to access or request a copy of the Personal Data we are collecting, using, and disclosing about you. For your own privacy and security, we may require you to prove your identity before providing the requested information to you.
-
2) Rectification:
You may have the right to have incomplete, inaccurate, misleading, or or not up-to-date Personal Data that we collect, use, and disclose about you rectified.
-
3) Data Portability:
You may have the right to obtain Personal Data we hold about you, in a structured, electronic format, and to send or transfer such data to another data controller, where this is (a) Personal Data which you have provided to us, and (b) if we are processing such data on the basis of your consent or to perform our contract with you.
-
4) Objection:
You may have the right to object to certain collection, use, and disclosure of your Personal Data, such as objecting to direct marketing.
-
5) Restriction:
You may have the right to restrict the use of your Personal Data in certain circumstances.
-
6) Withdraw Consent:
For the purposes you have consented to our collecting, using, and disclosing of your Personal Data, you have the right to withdraw your consent at any time.
-
7) Deletion:
You may have the right to request that we delete or de-identity Personal Data that we collect, use, and disclose about you. However, we are not obligated to do so if we need to retain such data in order to comply with legal obligations or to establish, exercise, or defend legal claims.
-
8) Lodge a complaint:
You may have the right to lodge a complaint to the competent authority where you believe our collection, use, and disclosure of your Personal Data is unlawful or noncompliant with applicable data protection law.
8. Our Contact Details
If you wish to contact us to exercise the rights relating to your Personal Data or if you have any queries about your Personal Data under this Privacy Policy, please contact us or our Data Protection Officer at:
1) Company Name
- Siam Takashimaya (Thailand) Co., Ltd.
- ICONSIAM Shopping Center, B2 – 4th Floor 299 Charoen Nakhon, Klong Ton Sai, Klong San, Bangkok 10600
- Contact Number: 02-011-7500