Announced on 31st May 2023
As Jaspal Public Company Limited (“Company”) realizes the importance of Personal Data and other information (collectively referred to as “Data”), about the Company’s customer (“You”), and so that you can be confident that the Company is transparent and responsible for collection, use or disclosure your data in accordance with the Personal Data Protection Act B.E. 2562 (2019) (“Personal Data Protection Law”) including other relevant laws. Therefore, this Customer Data Privacy Policy (“Policy”) has been established to inform you to know and understand the practices including objectives of the Company with respect to the collection, use and disclosure of your Personal Data (collectively referred to as “Processing”), performed by the Company including related persons on behalf of the Company with the following matters:
This Policy applies to Personal Data in relation to the Company, both presently and possibly in the future that are/may be processed by the Company or related parties which the Company has obtained and collected from your visits, purchase of goods and services, membership applications, making suggestions, feedback, complaints, completing surveys or questionnaires, or performing any necessary activities as required via the Company’s websites, mobile phone applications, social media channels, stores of the Company and Customer Service Center (Customer Service). This Policy does not cover your use of websites, mobile applications, social media channels of third parties which can be linked to the website, mobile phone applications, social media channels of the Company and stores which are not managed and supervised by the Company. For these reasons, the Company advises you to read this Customer Data Privacy Policy in order to understand and acknowledge the methods, procedures, and purposes of the Company in relation to the collection, use, and disclosure of your Personal Data.
“Company”
Jaspal Public Company Limited.
“Affiliates”
Jaspal & Sons Company Limited.
“Customer”
(1) Normal customers who purchase products and services of the Company, both current and former customers, including potential future customers, and (2) Normal customers who are employees, personnel, officers of the Company and affiliates.
“Personal Data”
Any data relating to a Person, which enables the identification of that person, whether directly or indirectly, but not including the data of a deceased Person.
“Sensitive Data”
Personal Data that is classified as sensitive data as described in Article 26 of the Personal Data Protection Act which includes data about race, ethnicity, political opinions, cult beliefs, religion or philosophy, sexual behavior, criminal record, health data, disability, trade union data, genetic data, biological data or any other data that affects the Data Subject in a similar manner as announced by the Personal Data Protection Committee.
“Processing Personal Data”
Any processing of Personal Data such as collecting, recording, copying, organizing, storing, updating, changing, issuing, restoring, disclosing, forwarding, disseminating, transferring, combining, deleting, destroying, etc.
“Data Subject”
An individual person who owns the personal data that the Company collects, uses or discloses herein means “you” as a customer in this policy.
“Person”
Individual persons do not include legal entities such as corporations, associations, foundations or any other organization.
“Company’s Store”
Any stores under the management or supervision of Jaspal Public Company Limited as specified in ANNEX 1.
“Company’s Website”
Any websites under the management or supervision of Jaspal Public Company Limited as specified in ANNEX 2.
“Social Media Channels”
LINE and Facebook.
During your access or use of the Company’s Websites, mobile phone applications, social media channels, e-mail, telephone channels, Company’s stores and Customer Service Center (Customer Service), the Company may need to collect or obtain any personal data that can identify you as follows:
4.1 General Personal Data consists of the following:
(1) Personal Data
(1.1) General Customer Personal Data such as title, name-surname, gender, date of birth, age, nationality, information on documents issued by government agencies (e.g. ID card number, passport number, taxpayer identification number, etc.)
(1.2) Customer Personal Data who are Employees, Staff of the Company and its Affiliates such as title, name-surname, gender, date of birth, age, nationality, employee data (e.g. employee level, job title, employee ID, workplace, agency), information on documents issued by government agencies (e.g. ID card number, passport number, taxpayer identification number, etc.)
(2) Contact Information such as telephone number, mobile phone number, shipping mailing address, billing address, e-mail address, social media account (e.g. LINE account information, Facebook account, etc.)
(3) Membership Information such as membership account information, membership card number, reward points, membership type, date of membership application, membership period, reward points redemption history, inquiries, comments, feedback, complaints, suggestions and other information in relation to membership.
(4) Sale and Purchase of Goods and Services Transaction Information such as goods purchase order details (e.g. product purchased, type, size, quantity, price, etc.), details of use of service, information about receipt of payment from/refunding to you, date of payment, time of payment, amount of payment, purchase or order number, date/time of receipt or delivery of goods, feedback message regarding the acceptance of goods, goods warranty information, complaints and claims and other information related to the purchase of goods and services.
(5) Financial information such as debit/credit card information (e.g. card number, card holder name, card type, numbers on the back of the card (CVV), expiration date, etc.)
(6) Technical Information such as computer traffic data (Log) and information that the Company collects through cookies (Cookies) or similar technologies (e.g. information about use of website, applications and systems of the Company, device identity, computer IP address, location information, browser type and usage behavior, etc.)
(7) Behavioral Information such as behavioral information in relation to the purchase of goods and services and feedback regarding services of the Company.
(8) Other Information such as voice recordings of telephone conversations through the Customer Service Center (Customer Service), video and audio recording from closed-circuit television (CCTV), body temperature.
4.2 Sensitive Personal Data includes
Data pertaining to race, ethnicity, religion, fingerprints, facial recognition, health data or data related to physical or mental conditions, genetic data, medical history, disability, and criminal history, etc. The Company does not have a policy to store Sensitive Personal Data unless the Company has obtained your consent.
4.3 Third Party Personal Data
If you have to provide a Personal Data such as name-surname, address, contact number of any third party to the Company e.g. spouse, children, relatives, friends, references and other persons who are not the Company’s customer as an emergency contact information or to be a beneficiary or to solicit the purchase of goods or services or to invite to apply for membership, it is your responsibility to communicate the details of this policy to such person(s) as well as to obtain their consent if required to disclose the data to the Company. Furthermore, you must ensure that you have the right to provide such data of those individuals to the Company in accordance with the Personal Data Protection Law.
As such, the Company will strictly collect personal data only to the extent necessary subject to the purposes specified in Clause 5 of this Policy.
For the collection, use, or disclosure of your Personal Data, the Company will make a written request for explicit consent or a request via electronic means prior to or during the collection of the Personal Data which you have a right not to consent and provide such data. In the event that you decide not to consent or withdraw any consent, it may result in the Company being unable to provide all or part of services to you.
In addition, the collection of data of any minor, impaired or partially impaired person, the Company will collect the foregoing Personal Data only if the Company obtains a written consent from its relevant legal guardian. If it is explicitly known by the Company, the Company will not collect Personal Data from any Person whose age is below twenty (20) or who is impaired or partially impaired person unless consent is obtained from such relevant legal guardian in the event that consent must be obtained. If the Company is aware that it has unintentionally collected Personal Data from any person below the age of twenty (20), or who is impaired or partially impaired person, without obtaining consent from its legal guardian, the Company will promptly delete such Personal Data or process only that part of the Personal Data which the Company is entitled to process based on any legal basis other than the request of consent.
Notwithstanding the foregoing, the Personal Data given to the Company by you must be correct, complete, and true and will not cause any confusion and you must keep your Personal Data up-to-date and also inform the Company of any changes via the contact channel specified in Clause 14. If you decide not to provide the Company with your Personal Data or if you choose to withdraw consent for the use of your Personal Data, it may result in the Company being unable to provide all or part of services to you.
The Company collects Personal Data for the following purposes:
The Company will process your Personal Data only for the purpose for which it has been stated, including in some cases where the Company may consider it able to process your Personal Data for other relevant reasons and not contrary to or in addition to the original purpose provided. Notwithstanding, in the event that the Company needs to process the data for the purpose other than the original purpose, the Company will request your consent again for the use of such data for that new purpose.
The Company may disclose your Personal Data to any third parties as necessary to fulfill the purposes specified in this Policy. The Company may send your Personal Data to the following parties:
The Company may disclose or transfer your Personal Data to foreign countries, third parties or servers located in foreign countries where such destination countries may or may not have the same level of data protection standards. In this regard, the Company will follow various procedures and measures to supervise the transfer of your Personal Data to be safe and ensure that the persons to receive such Personal Data have appropriate data protection standards or comply with conditions or exceptions in accordance with the laws. The Company will ask for your consent if required by the laws in the event of a transfer of Personal Data to foreign countries.
The Company may have connections to third parties’ websites or services where such websites or services may have their own privacy policies that differ from this policy. Since the Company is not associated and has no control over the privacy policies measures of those websites or services and also cannot be held responsible for the contents, policies, damages or actions caused by third parties’ websites or services, the Company, therefore, recommends that you should initially study such privacy policy of those websites or services before access.
The Company provides appropriate security measures for preventing the unauthorized or unlawful loss, access to, use, alteration, correction, or disclosure of Personal Data, and such measures will be reviewed by the Company when it is necessary, or when the technology has changed in order to efficiently maintain the appropriate security and safety.
The Company will retain your Personal Data within the period necessary for the purposes specified in this Policy except for the case that the longer period of retention is required by laws. After the expiration of the retention period, or if your Personal Data is no longer required, the Company will erase, destroy, or anonymize such Personal Data. Notwithstanding, in the event of a dispute regarding the exercise of legal rights relating to your Personal Data, the Company reserves the right to retain such data until the dispute is resolved by court order or judgment.
In the event that the Company collects, uses, or discloses your Personal Data subject to the purposes specified in this Policy, you have the following rights pursuant to the Personal Data Protection Law.
11.1 Right to Request to Access to Personal Data
You have the right to access and obtain a copy of your Personal Data which is under the responsibility of the Company and ask the Company to disclose the acquisition of your Personal Data in case you have not given your consent.
11.2 Right to Request to Have the Personal Data to be Accurate, Complete, and Up-to-Date
You have the right to request the Company to make your Personal Data accurate, complete, and up-to-date.
11.3 Right to Request for Erasure or Destruction of your Personal Data
You have the right to request the Company to delete, destroy or make your Personal Data non-identifiable, however, the exercise of such rights is subject to the conditions stipulated by law.
11.4 Right to Request the Suspension of the Use of Personal Data
You have the right to request the suspension of the use of your Personal Data in the following cases.
a) During the period that the Company reviews your request to correct, complete and up-to-date the Personal Data.
b) Your Personal Data is illegally collected, used or disclosed.
c) At the time that your Personal Data is no longer necessary for collection according to the purpose stated by the Company, but you need the Company to continue collecting such data in order to exercise the legal rights.
d) During the period that the Company is proving legitimate grounds for collecting your Personal Data or investigate the necessity for collecting, using or disclosing the Personal Data for the public interest due to your exercise of the right to object to the collection, use or disclosure of Personal Data.
11.5 Right to Object to The Processing of Personal Data
You have the right to object to collection, use or disclosure of your Personal Data unless the Company has legitimate grounds to refuse the request by law (For example: The Company can demonstrate that the collection, use or disclosure of your Personal Data is more legitimate grounds or for the establishment of a legal claim, the performance or exercise of a legal claim or for the public benefit of the Company).
11.6 Right to Withdraw Consent
In the event that you have given consent to the Company for collecting, using or disclosing your Personal Data (whether before or after the Personal Data Protection Law comes into force), you have the right to withdraw your consent at any time, for a period of time that your Personal Data is retained by the Company, unless there is a provision of law requiring the Company to continue retaining it or there is a contract between you and the Company that still benefits you.
11.7 Right to Obtain, Transmit or Transfer Personal Data
You have the right to obtain your Personal Data from the Company in a form that is readable or generally usable with a device or device that works automatically and can use or disclose Personal Data by automatic method including may request the Company to transmit or transfer data in such form to other Personal Data controllers, however, the exercise of this right shall be subject to the conditions prescribed by law.
11.8 Right to File A Complaint
In the event that there is a reason to believe that the Company has violated the Personal Data Protection Law, you have the right to file a complaint with an expert committee appointed by the Personal Data Protection Committee in accordance with the rules and procedures prescribed by the Personal Data Protection Law.
In case you wish to exercise the foregoing rights, you are required to make a written statement. The Company will use its best efforts to perform actions in due course and no later than the period prescribed by law. The Company will strictly comply with the laws concerning your rights as the Data Subject.
The exercising of rights to request the erasure, destruction, or anonymization of your Personal Data, temporary restriction of use, or withdrawal of consent may result in the Company being unable to provide all or part of services to you.
The Company’s Website uses cookies and other tools to help distinguish you from other users of the website which this will allow the Company to improve the website and to provide you with a quality experience when using the website. By continuing to use this website, you are agreeing to cookies being placed on your computer.
The Company has appointed a Personal Data Protection Officer to monitor, supervise and advise on the collection, use or disclosure of Personal Data, including coordinate and cooperate with the Office of the Personal Data Protection Commission to ensure compliance to comply with the Personal Data Protection Law.
If you have any queries in relation to this Personal Data Protection Policy or if you wish to exercise the rights specified in Clause 11, please contact the Company at:
(1) Jaspal Public Company Limited
– 1054 Soi Sukhumvit 66/1 Prakanongtai Sub-District, Prakanong District, Bangkok 10260
– Customer Service Center (Customer Service) Tel: 02 118 2000 or E-mail: mycard@jaspal.co.th
(2) Data Protection Officer (DPO)
– 1054 Soi Sukhumvit 66/1 Prakanongtai Sub-District, Prakanong District, Bangkok 10260
– E-mail: dpo@jaspal.co.th
The Company reserves the rights to revise and amend this Personal Data Protection Policy as deemed necessary and appropriate to comply with the Personal Data Protection Law and/or secondary laws, regulations, rules, announcements of government agencies that have been amended. Any revision or amendment will be announced and published on the Company’s Website or by any other appropriate method.
This Customer Data Privacy Policy is prepared in accordance with the Personal Data Protection Act B.E. 2562 (2019) and published in both Thai and English. If there are any discrepancies in terms of meanings or interpretations between the Thai and English versions, the Thai version must prevail.
The stores under the supervision of the Company consist of 16 brands as follows:
The websites under the supervision of the Company consist of 11 websites as follows:
CÔNG TY TNHH JPS FASHIONS (VIỆT NAM)
Tầng 6,7 tòa nhà Regus Me Linh Point,
số 2 Ngô Đức Kế, phường Bến Nghé, quận 1,
thành phố Hồ Chí Minh, Việt Nam
LIÊN HỆ·