(a) our customers
(b) non-customers, for example, anyone who uses our websites or applications, involves in transactions with us or our customers, or contacts Z.com.
Links to non-Z.com websites
Personal information means any information relating to a person, which enables the identification of such person, whether directly or indirectly, but not including the information of the deceased persons in particular.
The types of personal information Z.com may collect from you includes, but not limited to.
|Category||Examples of personal data|
○ Name, surname
○ Height, weight
○ Marital status
○ Educational background
○ telephone number
○ email address
○ Name of representatives or authorized persons/directors acting on behalf of our customers
○ Social media accounts
|Identification details and authentication details||
○ Identification number
○ work experience
○ salary or income
○ credit/debit card number
○ other billing information
|Information about your relationship with us||○ details of the services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those services and to respond to your enquiries|
|Market research, marketing and sales information||○ customer survey|
|Online research||○ Information and opinions expressed when participating in online research|
|Geo-location data||○ IP address or physical location when you request location-based services|
|Technical data||○ certain traffic information that your browser sends to a website (such as your browser type and language, access times, and the address of the website from which you arrived), Internet Protocol (IP) address, unique device identifier, clickstream behavior (i.e., the pages you view, the links you click, and other actions you take in connection with Z.com websites or “powered by” websites) and service information.|
|User login and subscription data||○ user IDs and passwords, service preferences, contact preferences|
|Sensitive personal data||
○ Racial data
○ Political preference
○ Health data
○ information relating to you that you open the email or click on a link contained in the email
○ demographic/profile data and geographic information acquired from commercial sources
○ Information that you provide to us directly or indirectly through any channels
Z.com may directly or indirectly collect your personal information from and about you including, but not limited to, through your access and use of website, web-based applications, or mobile applications, during conversations or correspondence with Z.com representatives, through our group companies or business partners, or when you purchase services, or complete an online application form.
Z.com may collect your personal information in connection with:
○ service orders, activations, and registrations
○ profile creation and user verification for online services
○ information requests or complaints
○ marketing, newsletter or support subscriptions
○ contest entries or survey participation
○ payment method applications
○ event registration
○ visits or browsing on Z.com websites
○ other activities necessary for the normal course of business of Z.com
If you post, comment, indicate interest or complaint, or share personal information, including photographs, to any public forum on an Z.com site, social network, blog, or other such forum, please be aware that any information you submit can be read, viewed, collected, or used by other users of these forums, and could be used to contact you, send you unsolicited messages, or for purposes that neither you nor Z.com have control over. Z.com is not responsible for the personal information you choose to provide in these forums.
Automated technologies or interactions
In addition to the information you provide, Z.com may also collect information during your visit to Z.com website, web-based application, or a website “powered by” another company on behalf of Z.com, through our automatic data collection tools, which include, but not limited to, Web beacons, cookies, and embedded Web links (“Automatic Data Collection Tools”). These tools collect Technical Data. Z.com may also use some of these Automatic Data Collection Tools in connection with certain emails and communications sent from Z.com and therefore may collect open the email or click on a link contained in the email.
Third parties or publicly available sources.
Z.com also collects information from publicly or commercially various available sources that it deems credible. The information Z.com collects from its public or commercial sources may be used along with the information Z.com collects when you visit Z.com sites. For example, Z.com may compare the geographic information acquired from commercial sources information using these tools with the IP address collected by Automatic Data Collection Tools to derive your general geographic area. We may receive personal information about you from analytics providers such as Google or Facebook
5.1 Z.com may use your information to:
○ manage our relationship with you;
○ assist you in completing a transaction or order;
○ prevent and detect security threats, fraud or other malicious activity;
○ communicate with you about Z.com services or support and send marketing communications;
○ provide services and support to you;
○ improve and develop services and support including through quality control, research and data analysis activities;
○ update you on new services and benefits;
○ measure performance of marketing initiatives, ads, and websites “powered by” another company on Z.com’s behalf;
○ allow you to participate in surveys;
○ answer enquiries, provide information, support or advice about existing and new services;
○ assess and improve the performance and operation of Z.com websites;
○ carry out other activities necessary for the normal course of business of Z.com
Credit card information is used only for payment processing and fraud prevention and will not be kept longer than necessary for providing the services, unless you ask us to retain your credit card information for future purchases.
5.2 In principle, Z. com processes personal information only when:
○ The processing is necessary for the purposes of the legitimate interests pursued by Z. com as a controller or the interests of a third party other than Z.com, except where the fundamental rights and freedoms of you regarding the protection of your personal information override these interests.
○ The processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract. In case you refuse to provide us your personal information, we may be unable to provide you our services.
Other than where justified above, Z.com will usually process personal information where:
○ The processing is necessary for compliance with a legal obligation which is imposed upon the organization. In this case, you are required to provide us your personal information for compliance with the law.
○ The processing is necessary for preventing or suppressing a danger to a person’s life, body, or health.
○ The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Z.com.
○ The processing is necessary for the achievement of the purpose relating to the preparation of the historical documents or the archives for the public interest, or for the purpose relating to research or statistics, in which the suitable measures to safeguard your rights and freedoms are put in place.
○ You have given your consent. Z. com shall inform the person concerned before or at the time the data is collected about the purpose for which consent is required, which personal information will be collected for the processing, the right to revoke consent, and transfer to third countries.
○ If you have given your consent for a specific processing purpose to Z.com in order to process your information for that purpose, you can withdraw this consent at any time. Z.com will then stop any further processing of your personal information for which you gave consent. If Z.com processes your personal information for other purposes and in order to do so Z.com refers to other legal bases, Z.com will still be able to process your personal information.
(a) Share information with other Z-com companies, Z-com’s parent company, and other Z.com-owned business entities in the worldwide
(d) disclose business-related information to potential purchasers, buyers, or business partners in the case where Z.com decides to sell, buy, merge or otherwise reorganize businesses in some countries.;
(e) respond to duly authorized information requests of police and governmental authorities;
(f) comply with any law, regulation, subpoena, or court order;
(g) investigate and help prevent security threats, fraud or other malicious activity;
(h) enforce/protect the rights and properties of Z.com or its subsidiaries; o
(i) protect the rights or personal safety of Z.com, our employees, and third parties on or using Z.com property when allowed and in line with the requirements of applicable law;
(j) disclose your personal information to your attorney, authorized persons or legal representatives who have lawfully authorized power.
Z.com may send or transfer your personal information overseas if the country where the receiver is based has adequate data protection standard in accordance with the rules for the protection of personal information as prescribed by the Data Protection Committee.
In other cases, Z.com may send or transfer your personal information overseas if Z.com provide appropriate safeguards which enable the enforcement of the data subject’s rights, including effective legal remedial measures according to the rules and methods as prescribed and announced by the Personal Data Protection Committee.
Where this has not occurred or is not possible, Z.com may still transfer your personal information in the following circumstances:
(a) where it is for compliance with the law;
(b) where your consent has been obtained, provided that you have been informed of the inadequate personal data protection standards of the destination country;
(c) where it is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract;
(d) where it is for compliance with a contract between the Company, and other persons for your interests;
(e) where it is to prevent or suppress a danger to your or other persons’ life, body, or health, when you are incapable of giving the consent at such time;
(f) where it is necessary for carrying out the activities in relation to substantial public interest.
Z.com does not knowingly collect information from children as defined by local law, and does not target its websites or mobile applications to children under these ages. We encourage parents and guardians to take an active role in their children’s online and mobile activities and interests.
ZZ.com gives you the choice of receiving a variety of information that complements our services. You can subscribe to receive service-specific information and also choose to receive Z.com general communications. We give you a choice regarding delivery of Z.com general communications by postal mail, email, telephone, or mobile device.
Z.com general communications provide information about services and/or support. This may include new services information, special offers, or invitations to participate in market research or compliance reviews.
You have the right to:
Request access to and obtain a copy of your personal information that we hold about you. For any further copies requested by you, Z.com may charge a reasonable fee based on administrative costs. In some cases, we may reject your request where it is permitted by law or pursuant to a court order, and such access and obtaining a copy of the personal information would adversely affect the rights and freedoms of others.
Request the transfer of your personal information to you or to a third party. We will provide such personal information to be in the format which is readable or commonly used by ways of automatic tools and can be used by automated means. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Object to processing of your personal information where we are relying on a legitimate interest, we are processing your personal information for direct marketing purposes, or for the purpose of scientific, historical or statistic research. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request erasure, destruction, or anonymization of your personal information. Please note, however, that we may not always be able to comply with your request if we have legitimate ground to process your information.
Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information in some scenarios (for example, when we are pending examination process in accordance with your request to correct such personal information).
Request correction of the personal information that we hold about you. This enables you to have any inaccurate, out-of-date, or incomplete data we hold about you corrected. Please note that it is your responsibility to provide correct personal information to Z.com.
Withdraw consent at any time where we are relying on consent to process your personal information. However, such withdrawal of consent shall not affect the processing of personal information that you have already given consent legally to Z.com.
Complain to the authority. You have the right to file a complaint with the relevant data protection authority in the event that we do not comply with the PDPA.
To protect your privacy and security, we will also take reasonable steps to verify your identity, such as requiring a password and user ID, before granting access to your data. To view and change the personal information that you directly provided to Z.com you can return to the web page where you originally submitted your data and follow the instructions on that web page.
We try to respond to all legitimate requests within thirty days. Occasionally it may take us longer than thirty days if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Z.com takes seriously the trust you place in us. To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information, Z.com utilizes reasonable and appropriate physical, technical, and administrative procedures to safeguard the information we collect and process. Z.com retains data only as required or permitted by local law and while it has a legitimate business purpose.
When collecting or transferring highly confidential information such as credit card information, we use a variety of additional security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. The personal information you provide us is stored on computer systems located in controlled facilities which have limited access. When we transmit highly confidential information (such as credit card number or password) over the internet, we protect it through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
Credit card numbers are used only for processing payments and are not used for other purposes. As part of real-time payment processing, Z.com subscribes to fraud management services. This service provides Z.com with an extra level of security to guard against credit card fraud and to protect your financial data.
We will only retain your personal information on our systems for the longest of the following periods:
○ As long as is reasonably necessary to fulfil the relevant purposes we collected it for;
○ Any retention period that is required by any legal, accounting, or reporting requirements; or
○ The end of the period in which litigation or investigations might arise in respect to Z.com or by Z.com.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
After the final time limit has passed, we shall delete or anonymize the personal information if we still wish to use such personal information for statistical purposes and may retain it for a longer period of time for dispute management, study or archiving purposes.
The following sections provide additional information about commonly-used web technology tools.
A “cookie” is a small data file transferred by a website to your computer’s hard drive. Z.com or its service providers send cookies when you surf our site or sites where our ads appear, make purchases, request or personalize information, or register yourself for certain services. Accepting the cookies used on our site, sites that are “powered by” another company on Z.com’s behalf, or sites where our ads appear may give us access to information about your browsing behavior, which we may use to personalize your experience. Cookies are typically classified as either “session” cookies or “persistent” cookies.
○ Session cookies do not stay on your computer after you close your browser.
Some Z.com and third-party web pages, applications, and HTML-formatted email use Web beacons alone or in conjunction with cookies to compile information about your website usage and your interaction with email, as well as to measure performance on Z.com., applications, and websites “powered by” another company on Z.com’s behalf. A web beacon is an electronic image, called a single-pixel (1x1) or clear GIF. Web beacons can recognize certain types of information on your computer such as cookies, the time and date of a page viewed, and a description of the page where the web beacon is placed. Depending on the context, web beacons may also refer to content on a third-party server and may be used by service providers to deliver relevant advertising to you.
You may be able to disable web beacons in email messages by not downloading images contained in the message you receive (this feature varies depending on the email software used on your personal computer). However, doing this may not always disable a web beacon or other automatic data collection tools in the email message due to specific email software capabilities. For more information about this, please refer to the information provided by your email software or service provider.
For personal information that has previously been collected by Z.com before the effective date of the PDPA, Z.com is entitled to continue to hold and use your personal information for the original purposes. If you do not wish Z.com to continue holding and using your personal information, you may contact Z.com and notify of your withdrawal of consent.
Z.com PDPA Contact
|Address||1 Fortune Town 22nd Floor, Ratchadapisek road, Dindaeng, Dindaeng, Bangkok 10400|
|For the attention of||Customer Relationship Management Executive|