PRIVACY POLICY

Overview
We provide an overview of our Privacy Policy and where you can find more information below.  For your comprehensive understanding of our practices with respect to your information, please refer to the details set out in this Privacy Policy.  All capitalized terms are as defined in this Privacy Policy.

Who are we?

We are Flare (Thailand) Co., Ltd., a corporation having its registered office at 496-502 Amarin Building, 9th Floor. Unit No.2, 2.1 Phloen Chit Rd, Lumphini, Pathum Wan District, Bangkok. We are acting as a Data Controller for information collected through Our Services.
Details

What information do we collect about you?

We collect the following type of information about you:

  • Information which you choose to provide to us through Our Services

  • Information collected as you use Our Services

  • Information provided from third parties

 

Why do we collect this information?

We collect and use this information to:

  • provide Our Services, like creating your account of Our Services, verifying your user ID and password, charging fees and other payment relating to Our Services

  • maintain and improve Our Services, like tracking system failure and troubleshooting, improving the functions of Our Services

  • develop new products or services, like developing a new function of Our Services or new services based on your usage activity or inquiry from you

  • measure and analyze performance, like measuring and analyzing your visits to and activity on Our Services and optimizing Our Services based on such data

  • communicate with you, like notifying you of amendments in Our Services, responding to inquiries from you 

  • protect Us, our users, and the public, like detecting, preventing, and responding to unauthorized use of your account, fraud, abuse, security risks, and technical issues that could harm Us, you, other users, or the public, investigating or addressing claims or disputes relating to Our Services

  • comply with a law to which we are subjected

  • prepare historical documents or archives for public interest, or to research or statistics

 

Some of information is necessary to be provided for compliance with laws, or conclusion of contract with us, or performing  a contractual obligation with us.  If you do not provide such information, you may not use the whole or part of Our Services.

Who is this information shared with?

Your information is shared with:

  • Our Affiliates

  • third-party service providers performing services to help our operations, such as customer support, technical support, or customer management

  • third-party IT service providers, such as provider of data storage service or business communication platform service

  • third-party advertising service providers

How long do we store your information?

We retain your Personal Data until it is no longer necessary to fulfill the purposes of collecting your Personal Data, or until you request us to erase or destroy your Personal Data. We may be required to retain certain information in order to comply with the laws which we are subject to.

What are your rights with respect to your Personal Data?

Regarding your Personal Data which we collect and store, you have the rights to:  

  • request access to and obtain copy of your Personal Data

  • receive your Personal Data or request us to send or transfer your Personal Data to other Data Controllers by the automatic means

  • object the collection, use, or disclosure of your Personal Data 

  • request to erase, destroy, or anonymize your Personal Data

  • request to restrict the use of your Personal Data

  • request correction or update of your Personal Data

  • withdraw the consent which you have given to us

  • complain to expert committee with respect to our processing of Personal Data


If you are located in the European Economic Area or the United Kingdom (the “European Countries”), you have certain rights and protections under the applicable law regarding the processing of your “personal data” as defined in the applicable law.  

 

Contact us

You may contact us through our Data Controller or Representative. 

  1. Introduction

​This Privacy Policy describes how we collect, use, disclose, share, store, and transfer (collectively, “process”) information about you when you use our services or products (collectively, “Our Services”).   We act as a Data Controller for any information collected through Our Services.

1.1. Who are we?
We are Flare (Thailand) Co., Ltd., a corporation having its registered office at 496-502 Amarin Building, 9th Floor. Unit No.2, 2.1 Phloen Chit Rd, Lumphini, Pathum Wan District, Bangkok.
We have the following affiliate companies (“Our Affiliates”):
- Flare inc., a corporation having its registered office at 2-67-10 Ikebukuro, Toshima-ku, Tokyo 171-0014, Japan

1.2. What is Personal Data?
In this Policy, “Personal Data” means information relating to a natural person, which is identified or identifiable, whether directly or indirectly, but excluding information of deceased natural persons.  Please note that at all times we will adhere to the applicable statutory definition in determining what information is and is not Personal Data for the purposes of this Privacy Policy.


1.3. Scope of this Privacy Policy
This Privacy Policy applies to information, including Personal Data, which we collect in relation to your access or use of Our Services only.  Regarding any information which you provide to or is collected by any third party other than us, please refer to privacy policy separately established by such third party.


1.4.Changes to this Privacy Policy
We will amend this Privacy Policy from time to time.  We will notify you of the amendment of this Privacy Policy through Our Services, or other measures determined by us in case we make any substantive or material amendments.  Any amendment will become effective upon our posting of the amended privacy policy on Our Services.

 

 2. What information do we collect about you?

1) We collect the following information about you:
Information which you choose to provide to us through Our Services 

  • Profile Information: such as name, mailing address, phone number, email address, login name, login passwords, identification information (such as ID number, driver’s license number), birth date, gender, and photo

  • Payment Information: such as credit card information, banking information, or information relating to other kinds of payment measure

  • Information of Communication with us: such as information about the communications between you and us including your inquiry, compliments, and other contact to us 

  • Sensitive Personal Information: you may choose to provide us through Our Services with your information of a sensitive nature such as racial, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data, biometric data, or any other information of a sensitive nature.  We do not collect and use these information without explicit consent from you, except where permitted by applicable laws.

2) Information collected as you use Our Services

  • Usage Information: such as access dates and times, pages viewed, apps and other system activity, type of browser. In some cases, we collect this information through cookies, beacons, tags, and similar technologies that create and maintain unique identifiers

  • Device Information: such as information about the devices you use to access Our Services, including the hardware models, device IP address, operating systems and versions, software, file names and versions, preferred languages, unique device identifiers, advertising identifiers, serial numbers, device motion information, and mobile network information

  • Location Information: such as your precise or approximate location information as determined through data such as GPS, IP address, and WiFi.

  • Driving Information: if you are a driver of Our Services, we may collect information about you such as driving details from the devices you use to access Our Services, including driving speed, GPS-based location information, date and time of driving (We may accidentally collect the driving information of a third party with whom you are a passenger; provided, however, we will not record such information nor identify such third party from the driving information as long as the third party is not a driver of Our Services.)

3) Information provided from third parties

  • We may collect information about you to be provided from third parties due to your consent.  For example, we may collect your account information of third-party’s service when you log in Our Services through such account, or we may collect and use your bank information when we pay fees to you by using third-party’s payment service if you are a driver of Our Services.  We may also collect and use information of how your usage activities on third-party’s services from marketing service providers.

  • In the event that we collect your Personal Data from a third party, we will notify you of the detail of the collected Personal Data and the detail of the third party.  Such notification will be made within 30 days from the date of the collection.

 

3. Why do we process your Personal Data?

3.1. We process your Personal Data for the following purposes, to the extent applicable.

  • To provide Our Services

We process your Personal Data for providing you with Our Services.  For example, we collect your name, email address, and other information to create your account of Our Services, and we use your user ID and password to verify you as a user of Our Services.  If you use a chargeable service, we collect  and use your payment information, such as banking account, credit card information, to charge you fees and other payment relating to Our Services.

  • To maintain and improve Our Services
    We process your Personal Data for maintaining or improving Our Services.  For example, we collect and use information of trouble informed by you for tracking system failure and troubleshooting, or we collect and use your usage activity on Our Services for improving the functions of Our Services or develop more convenient for users.

  • To develop new products or services
    We process your Personal Data for developing new products or services.  For example, we collect and utilize information of how you use Our Services, inquiry from you, or questionnaire result for developing new products or services.

  • To measure and analyze performance
    We process your Personal Data for analyzing and measuring how our services are used.  For example, we measure and analyze your visits to and activity on Our Services for optimizing Our Services.  We also use information of which ads you interact with for helping advertisers understand the performance or effectiveness of their ads.

  • To communicate with you
    We process your Personal Data to communicate with you.  For example, we respond to inquiries from you or may send you a notification about Our Services by using contact information provided by you such as email address. In addition, if you contact us, we will keep a record of your request in order to help solve any issues you might be facing.

  • To protect us, our users, and the publicWe may process your Personal Data to protect us, you or other users, or the public interest.  For example, we use your account ID and password for detecting, preventing unauthorized use of your account, fraud, abuse, or security risks.   We may also use your Personal Data to investigate or address claims or disputes relating to Our Services.  

  • Other Purposes
    We may process User Information for the purposes prescribed in 5. below.
    If you do not provide us with your Personal Data which is necessary for complying with laws or performing the contract between you and us or entering into such contract (e.g. the information required to be entered by you on the user registration screen or driving information (if you are a driver of Our Services)), your application for use of Our Service may not be accepted, or you may not be allowed to use part of Our Service.

 

4. Disclosure, Share, or Transfer of Personal Data


4.1. We may share your Personal Data with the following categories of recipients:

  • Our Affiliates

  • third-party service providers performing functions or services on our behalf, such as customer support, technical support, or customer management

  • third-party IT service providers, such as provider of data storage service or business communication platform service

  • third-party advertising service providers

4.2. Except for the recipients prescribed above, we will not disclose your Personal Data to any third party without your prior consent, except where we collected your Personal Data based on any of the legal basis prescribed in 5. below.
4.3. We transfer your Personal Data to any of our Affiliates or third-party service providers outside of Thailand.  When we transfer it to such entities outside of Thailand, we ensure that appropriate safeguards and protections are taken in place pursuant to applicable laws.  However, please acknowledge that some countries that we transfer your Personal Data might not have appropriate safeguards and protections under the applicable laws of Thailand.

5. The legal basis on which we process Personal Data

We process your Personal Data based on a different legal basis depending on the nature of Personal Data and the type of processing involved.  We rely on the following legal bases (single or multiple) other than or in addition to your consent, insofar as it applies.

  • Performance of a Contract / Entry into a Contract
    Some of Personal Data is processed on the basis that it is necessary for the performance of our agreement with you or for taking steps at your request prior to entering such an agreement.  For example, we need to request you to provide your email address, login name, login passwords to create your account for using Our Services in order to perform our obligation under service agreement with you.

  • Legitimate Interests
    A second ground relied upon by us is that it is necessary for the purposes of legitimate interests pursued by us or a third party.  These legitimate interests include the operation of Our Services and our business, maintenance and improvement of Our Services, pursuit of the safety of Our Services, such as fraud detection and prevention, charging the payment regarding the chargeable services, providing ads of our services or products or ads of third-party’s services or products, provision of our advertising services to our clients as required by our agreements with them.  Further examples are shown in 3. above. We only rely on such a ground where such interests are not overridden by your interests or fundamental rights and freedoms.

  • Research or Statistics / Preparation of Historical Documents or Archives for Public Interest
    A third ground relied upon by us is that it is necessary for research or statistics, or preparation of historical documents or archives for the public interest.  For example, we may create statistics relating to the business area to which our services belong for the purpose of our own or third-party’s marketing. We only rely on such a ground where the suitable measures to safeguard your rights and freedoms are taken in place and in accordance with applicable law.

  • Compliance with a Law
    A fourth ground relied upon by us is that it is necessary for compliance with a legal obligation.  For example, we are required to retain records for fixed periods of time in order to comply with applicable laws.

  • Prevention of a Danger / Performance of a Task for Public Interest
    In some rare cases, there may be necessary for preventing or suppressing a danger to your or other persons’ life, body, or health, or we may need to perform a task for the public interest.

6. What do we do to keep your Personal Data secure?

We seek to take reasonable security measures to protect your Personal Data against loss, misuse, alteration, and divulgation.  Such reasonable security measures include use of adequate security software, restricted access, and assigning a person in charge of managing Personal Data. 
However, please note that although we take appropriate steps to protect your Personal Data, no website, product, device, online application or transmission of information, computer system or wireless connection is completely secure and therefore we cannot guarantee the security of your Personal Data.

 

7. How long do we store your Personal Data?

We retain your Personal Data until it is no longer necessary to fulfill the purposes of processing your Personal Data, or until you request us to erase or destroy your Personal Data. We may be required to retain certain information in order to comply with the laws to which we are subject. 
Specific retention periods are determined based on the following considerations: purposes of processing, the nature of Personal Data, and the necessity of retaining Personal Data for legal or business reasons.  For example, if you are a user of Our Services, we will normally erase your Personal Data within 6 months from the date on which you become no longer a user of Our Services; however, we may be necessary to retain the whole of part of your Personal Data for the purpose of establishment, compliance, or exercise of legal claims, defense of legal claims, or the purpose of compliance with the law. On the other hand, we will erase the analytical data which is processed in a format that cannot identify a specific individual after the purposes of processing are fulfilled.

8. What are your rights regarding your Personal Data?

Regarding your Personal Data which we collect and store, you have the rights to:

  • request access to and obtain a copy of your Personal Data

  • receive your Personal Data or request us to send or transfer your Personal Data to other Data Controllers by the automatic means

  • object the collection, use, or disclosure of your Personal Data 

  • request to erase, destroy, or anonymize your Personal Data

  • request to restrict the use of your Personal Data

  • request correction or update of your Personal Data

  • withdraw the consent which you have given to us, except where there is a restriction by law or the contract which gives benefits to you (provided, your withdrawal of consent will not affect the lawfulness of procession made prior to such withdrawal)

  • complain to expert committee with respect to our processing of your Personal Data.  If you are not satisfied with how we process your Personal Data, you may contact us through the Contact Details below.
     

9. Information for Residents of European Countries

If you are located in the European Countries, you have certain rights and protections under General Data Protection Regulation (“GDPR”) regarding processing of your “personal data” as defined in the GDPR.  Some of information that we process may constitute the “personal data”.
9.1. Our Role as a Controller or Processor
If you are located in one of the European Countries, we act as a “controller” as defined in the GDPR when processing your personal data.  We may also act as a “processor” as defined in the GDPR to the extent that we process your personal data on behalf of and at the instruction of another party.
9.2. Legal Basis of Processing
If you are located in the European Countries, we collect and process your “personal data” based on the following legal basis:

  • Performance of a Contract / Entry into a Contact

  • Legitimate Interests

  • Compliance with a Legal Obligation

  • Protection of Vital Interests

  • Performance of a Task for Public Interest

  • Consent

Please refer to 5. The legal basis on which we process Personal Data for more details.

9.3. Automated Individual Decision-Making, Including Profiling
We do not use a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
9.4. Your Rights
If you are located in the European Countries, regarding your “personal data” which we collect and store, you have the rights to:

  • access to your “personal data” and related information, such as categories of recipient, envisaged retention period, source of acquisition, and obtain a copy of your “personal data” in our possession

  • rectify your inaccurate “personal data”

  • erase your “personal data”

  • restrict on processing of your “personal data” 

  • receive your “personal data” which you provided to us and request us to transmit those data to another controller (data portability) 

  • object to the processing of your “personal data”

  • withdraw the consent which you have given to us at any time (your withdrawal of consent will not affect the lawfulness of procession made prior to such withdrawal)

  • not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where: 


a. the decision is necessary for entering into, or performance of, a contract between you and us; 

b. the decision is authorized by Union or Member State law to which we are subject, and which also lays down suitable measures to safeguard your rights, freedoms, and legitimate interests; or 
c. the decision is based on your explicit consent.
Those rights may be subject to a certain conditions as set forth in the GDPR.


9.5. Data Transfers

We transfer your “personal data” to any of our Affiliates or third-party service providers outside of the European Countries. When we transfer your “personal data” to such entity outside of the European Countries, we ensure that appropriate safeguards and protections are took in place pursuant to the GDPR.  For example, we enter into agreements including standard data protection clauses adopted by the European Commission or other appropriate arrangements with various entities located outside the European Countries with whom we share your “personal data”. However, please acknowledge that some countries that we transfer your “personal data” might not have appropriate safeguards and protections under the GDPR.  If we transfer your “personal data” to any of such countries, we will notify you of the possible risks of such transfer for you due to the absence of an appropriate safeguards and obtain your consent with such transfer. If you wish to receive a copy of documentation related to these safeguards, please contact us.


9.6. Complaints

If you are located in one of the European Countries, you may file a complaint with the Data Protection Supervisory Authority of the Member State of your habitual residence, place of work, or place of the alleged infringement.
 

Contact Details
If you have any questions regarding this Policy, please contact us here; or you may also contact us through the following contacts set out below. 

Flare (Thailand) Co., Ltd.
496-502 Amarin Building, 9th Floor. Unit No.2, 2.1 Phloen Chit Rd, Lumphini, Pathum Wan District, Bangkok 

Contact us

 

This Policy was last updated on October 1, 2020.

Copyright 2020 Flare Inc., All rights reserved.

© 2020 Flare Inc.