Privacy Policy

 – Company means Plus Tech Innovation Public Company Limited or any of the affiliated companies of SABUY Group as defined below.

 – Personal Data means information about a natural person, which makes it possible to identify that person either directly or indirectly but does not include information about the deceased in particular.

 – Sensitive Personal Data means Personal Data as provided for in Section 26 of the Personal Data Protection Act B.E. cult religion or philosophy, sexual behavior, criminal records, health information, disability, trade union information, genetic data, biological data, or any other information which affects the owner of personal data similarly as specified in the notification of the Personal Data Protection Committee.

 – Personal Data Processing means any processing of personal data, such as collecting, recording, copying, organizing, keeping, updating, changing, using, recovering, disclosing, forwarding, disseminating, transferring, merging, deleting, destroying, etc.

 – Personal Data Subject means an individual who owns personal data that the company collects, uses or discloses.

 – Personal Data Controller is a person or legal entity who has the authority to decide the collection, use, or disclosure of Personal Data.

 – Affiliated Companies of SABUY Group (1) SABUY Technology Public Company Limited (2) SABUY Money Company Limited (3) SABUY Solutions Company Limited (4) Vending Plus Company Limited (5) SABUY Exchange Company Limited (6) SABUY Capital Plus Company Limited (7) SABUY Market Plus Company Limited (8) SABUY Maxi Insurance Broker Company Limited (9) SABUY Food Plus Company Limited (10) Plus Tech Innovation Public Company Limited (11) PLATT FINSERVE Company Limited (12) TERO SABUY Company Limited (13) Forth Smart SABUY Tech Company Limited ( 14) VDP Holding Company Limited (15) SABUY Digital Company Limited (16) SABUY WASH Company Limited (17) SABUY ACCELERATOR Company Limited (18) SABUY POS Company Limited (19) SABUY Speed Co., Ltd. (20) Speedy Express Service Co., Ltd. (21) A.T.P. FRIEND SERVICES Co., Ltd. (22) SIAM ENTERPRISE CORPORATION Co., Ltd. (23) M POINT EXPRESS Co., Ltd.(24) The Letter Post Service Co., Ltd.

 – Business Partners and Other Juristic Persons, Namely (1) Shipsmile Service Co., Ltd. (2) Quick-Service Co., Ltd. (3) Thai Van Service Co., Ltd. (4) GHL (Thailand) Co., Ltd. (5) Siam Commercial Bank Public Company Limited (6) Kasikorn Bank Public Company Limited (7) Krung Thai Bank Public Company Limited (8) Bank of Ayudhya Public Company Limited (9) CIMB Thai Bank (10) Bangkok Bank Public Company Limited (11) Government Savings Bank (12) Bank for Agriculture and Agricultural Cooperatives (13) Ascend Group Company Limited (14) Forth Smart Service Public Company Limited (15) Buzzebees Co., Ltd. (16) Shopee (Thailand) Co., Ltd. (17) Central JD Money Co., Ltd. (18) Advance Empay Co., Ltd. (19) Kerry Express (Thailand) ) Public Company Limited

 Further, in this policy, if there is no specific mention, it will call “Personal Information,” and “Sensitive Personal Data” are collectively referred to as “Personal Information.”

 This policy shall apply to the collection, use, disclosure and/or overseas transfer of personal data about you. The company may collect or obtain various types of personal information from the following sources:

 4.1 Personal data that the company collects directly from the personal data subject through various channels such as websites, applications and social network service channels controlled by the company, including LINE, Facebook, telephone, fax and online communication channels, including e-mail, call center, face-to-face communication, job applications, contracts, agreements or any documents, letters through questionnaires, business cards, postage, events, meetings and registration for company events.

  5.1.1 Personal data means information according to the definition of clause 2, in which the company may collect personal information as specified in article 5.2.

  5.1.2 Sensitive personal data means information according to the definition of clause 2, which the company may collect sensitive personal data and the following information:

  The company may collect your personal information. The personal information the company collects depends on the relationship between the company and you, the type of product or service you want from the company, types of your personal data, the types of information listed below are just the general framework for collecting personal information about the company, only information related to the product. Applications or services you use or have a relationship with only that will be practical. The details are as follows.

  5.2.1 The company’s individual customers people who have a relationship with the company.

The company will consider establishing a legal basis for collecting your personal data as appropriate and in the context of the company’s services, products and applications. The company will collect your personal data only as necessary under the purposes stated by the company in this policy or comply with the law.

The company collects, uses, discloses and/or transfers to foreign countries your personal data for some purposes. It’s depends on the type of product, application, service or activity you use as well as your relationship with the company or considerations in each context are important. The purposes stated below are just the framework for the company’s use of personal data, but only for the purposes related to the products, applications or services you use or has a relationship with only that will apply to your personal data.

In addition, the company will collect your personal information with your express consent. Unless the personal data protection law section 24 or section 26 gives power, the company will not collect personal data related to nationality, ethnicity, political opinion, cult religion or philosophy, sexual behavior, criminal records, health information, disability, trade union information, genetic information, biological information or any other information that similarly affects you as announced by the Personal Data Protection Committee without your express consent except in the case where the data protection law stipulates that it can be done.

The details of the legal base and purpose for collecting personal data are as follows.

You are free to consent to the company collecting, using or disclosing your personal information. However, the company does not stipulate conditions for giving consent to access the service or enter into a contract with the company if the personal data is not necessary or relevant for entering or receiving the service.

If the legal basis is to seek consent, you have the right to withdraw your consent at any time and if it is to collect, use or disclose personal information of a minor. The revocation of authorization must be made by a user of parental power as specified in article 5.2 (4). Consent can be revoked at:

Withdrawal of consent will not affect the collection, use and disclosure of personal data that you have given your consent to before withdrawal of consent.

The company will collect, use, disclose and/or transfer your personal information to foreign countries by the law on legitimate interests. The basis for entering into and performing the contract legal compliance base or other legal bases as permitted by the personal data protection act, as the case may be and depends on the relationship between the company and you, the products, applications or services you use with the following objectives:

6.2.1 For registration and identification, e.g., to register a product or service for you, verify, identify and verify you or your identity, your authority or agent. Includes authenticating and verifying your identity digitally.

6.2.2 To supply products, applications or services and customer relationship management, e.g., to enter into any agreements or contracts relating to products, applications or services and managing relationships with you. To determine your eligibility (e.g., to check your bankruptcy status to analyze the quality of your business and related parties). To support transactions and other activities related to products, applications or services to you, such as depositing, withdrawing, transferring, paying or receiving payments for goods and services. To consider approving the delivery of the product, using the application or providing various services. To deliver details of agreements or contracts, products, applications or services, financial transactions and services related to payment, which includes verification, confirmation and cancellation of transactions to receive/send letters, parcels and important documents to you. To produce reports informing customers of product-related information, application or service usage data. To deliver product progress news, applications and services to verify the correctness of the document, activities related accounting and balance sheet, validate account to assess conflicts of interest, provide management services or perform post-sales transactions. To allocate and cancel inactivity (e.g., cancel the service, etc.).

6.2.3 To impress with after-sales service, e.g., to communicate with you about products using applications and services that you receive from affiliated companies of SABUY Group or business partners and other legal. Entities to process and update your information as a customer of the company. To provide advice and facilitate your use of the product, applications and services. To deal with customer service-related questions. To handle complaints, requests and feedback. To deal with technical issues. To notify and provide solutions to problems for you. To carry out customer relationship management activities.

6.2.6 To manage information technology, e.g., for the purposes of managing the business of the company. Including for information technology operations, communication systems management, information technology security and information technology security auditing, business management for compliance, policies and internal processes.

6.2.7 To comply with the law, e.g., to comply with the law, legal process or orders of government agencies, including orders of government agencies outside Thailand and/or to cooperate with courts, competent authorities, government agencies and regulatory agencies. Use the law when the company has reason to believe that it requires the company to do so and if it is necessary to disclose your personal information to comply with it. To report suspicious transactions to anti-money laundering agencies, financial services law enforcement and other government and law enforcement agencies and investigate or prevent crime.

6.2.12 For the performance of other duties of the company for your personal information, depending on the relationship between the company and you, e.g., you as a shareholder of the company that the company will hold a shareholders’ meeting or you as a committee or executives or consultants of the company appointed by the company, including you in any capacity whatever the company is required to perform due to its obligations under any contract or agreement. In this regard, if you do not provide personal information to the company may affect you, e.g., the company may not be able to perform the actions you have requested, you may not be comfortable or the contract is not performed and you may be damaged or lose an opportunity. In addition, your failure to provide such personal information may affect compliance with any laws that the company or you are required to comply with and may have relevant penalties.

If you were an existing customer of the company before the personal data protection act came into force, the company may collect sensitive personal data such as (1) religion, (2) race, (3) disability, (4) sensitive personal information used in transactions and/or contracts, (5) sensitive personal data that is used to enable the use of products and/or services further, for the purpose of documentary evidence collection only. The company will not use it for other purposes.

The company may disclose or transfer your personal data to the following third parties who collect, use, disclose and/or share your personal data for the purposes under this policy. These third parties may be located in Thailand or outside Thailand. You can view their privacy policies for details about how they collect, use and/or disclose your personal information because you are the personal data subject to the privacy policy of such third parties.

The company may be required to disclose your personal information to other parties for the purposes specified in clause 6 above to companies within the SABUY Group. Disclosure of information to companies in the SABUY Group mentioned above will allow those in the group to use the consent that the company has obtained to process your personal data.

The company may use other companies, agents or contractors to provide services on behalf of the company or to assist with business operations and the provision of products and services to you, including taking any action for your benefit. The company may share your personal information with third party service providers, service provider agents, business support service providers, subcontractors, service providers or any other third party service provider to support the service of the company including but not limited to (1) Internet service providers, software, website developers, digital media, information technology service providers and companies information technology support providers, suppliers or provide digital services or products, for example, offer and provide digital platforms, including services related to technology (platform as a service), applications or any other systems for the company, providing identity verification services to companies (2) Logistics and transportation service providers (3) Payment and payment systems providers (4) Research service companies (5) Analytical service company (6) Survey service company (7) Auditor (8) Customer service center (9) Marketing service company advertising material design creation and communication (10) Company that provides services for campaigns, events, events, marketing events and customer relationship management (11) Telecommunications and communications service providers (12) Storage and cloud services providers (13) Printing services providers (14) Lawyer, legal advisor for the benefit of the company. Including exercising legal claims and fighting legal claims, auditors and/or other professionals to assist in the business operations of the company. (15) Service providers of archiving and/or destruction of documents (16) Employment agencies (17) Joint data analysts for analysis and development of products and/or services, conducting research or producing statistical data business administration and marketing promotions, such as publicizing events, products and/or services to you.

During the provision of such service, the service provider may have access to your personal information, however, the company will only provide your personal information to the service provider as necessary to perform the service and the company will request the service provider, not using your personal data for other purposes. The company will ensure that the service providers it works with maintain the security of your personal data as required by law.

The company may transfer your personal information to business partners and other legal entities to conduct business and provide services to the company’s customers and potential customers using the company’s services, including but not limited to the card-issuing company, companies that provide payment services for products and services, analytics service companies, market research survey service providers, financial transaction service providers, joint product release partners (such as co-brands) and other sponsors.

In some cases, the company may be required to disclose your personal information to comply with the law. Including law orders, law enforcement agencies, courts, legal enforcement departments, competent authorities, government agencies or any other person. If the company believes it is necessary to comply with the law or to protect the rights of the company, Third party rights or for the safety of persons or to investigate, prevent or resolve fraud, security, safety, including any other risks.

The company may be required to disclose your personal data legally for the purposes stated in this policy to other third parties and customers who transact with you or in connection with you, other persons with legal references, etc., as the case may be.

In some cases, the company may need to send or transfer your personal data to foreign countries to provide services to you, e.g., to send personal data to the cloud (Cloud) that has a platform or server (Server) abroad to support information technology systems located outside Thailand, depending on the service of the company you use or are involved in individual activities.

However, at the time of preparing this policy, the personal data protection committee has not announced a list of destination countries that have adequate personal data protection standards. As follows, when the company needs to send or transfer your personal data to the destination country, The company will take steps to ensure that the personal data sent or transferred has adequate personal data protection measures in accordance with international standards or proceeds according to the conditions in order to be able to send or transfer that data according to the law, including:

The company will keep your personal data for a while necessary to carry out the purposes for which the company received such information. The company will delete or destroy your personal information or make your communication more identifiable. However, in the event of a dispute, exercise of rights or lawsuits related to your personal data, comply with the law. The company reserves the right to keep your personal data until the dispute has been finalized by order or judgment.

The company may assign or procure third parties (Personal data processors) to process personal data on its behalf or on behalf of the company. Such third parties may offer services in various ways, such as hosting, subcontracting (Outsourcing) or being a cloud service provider (Cloud computing service/provider) or being a job in the nature of outsourcing of other forms.

Assigning a third party to the processing of personal data as a processor of that personal data , the company will provide an agreement stating the rights and obligations of the company as a personal data controller and of persons entrusted by the company as a personal data processor, including defining in detail the types of personal data the company is entrusted to process. Including objectives scope of the processing of personal data and other related agreements in which personal data processors are obliged to process personal data only to the extent specified in the contract and in accordance with the instructions of the company and cannot be processed for other purposes.

Suppose a personal data processor is assigned a sub-processor. In that case, the company will direct the personal data processor to provide a documentary agreement between the personal data processor and the personal data processor, processing range in a format and standard not lower than the agreement between the company and the processor of personal data.

The company will keep your personal information very well through the technical and administrative measures (Organizational measure) that meets international standards and follows the notification of the personal data protection committee to maintain appropriate security and security in processing personal data and to prevent infringement of personal data, loss access, destruction, use, alteration, alteration and use of the data or disclosure of off-purpose information or without power or wrongfully.

The company’s services may contain links to third-party websites or services. Websites or services may have a personal data protection policy different from this one. The company recommends that you consult the privacy protection policy of that website or service to know in detail before using it. The company is not associated with and has no control over the privacy protection measures of such websites or services. We cannot be held responsible for the content, policies, damages or actions caused by third-party websites or services.

13.1 The company may associate personal information with other individuals or entities. The company will inform you before linking personal information and ask for consent (in case consent is required) with at least the following details:

13.1.1 The person or entity to which the personal data will be linked.

13.1.2 Purpose of linking personal data.

13.1.3 Methods for linking personal data.

13.1.4 Personal data to be linked.

13.2 If the data link changes, the company will notify you of such changes and seek consent before proceeding (in case of requiring approval).

The company has appointed a personal data protection officer to inspect, supervise and advise on the collection, use or disclosure of personal data. Including coordinating and cooperating with the office of the personal data protection commission to comply with the personal data protection law.

Your rights in this section are rights under the personal data protection act. You can request to exercise various rights available under the provisions of the law and the policies set by the company before or while or to be amended in the future, as well as the rules and procedures for rights management as determined by the company. The details of various rights are as follows:

15.6 Right to request to suspend the use of personal data. You have the right to ask the company to discontinue the use of your data in the following cases:

If you wish to exercise any of the rights outlined in this section, you can do it through the following channels.

Any of the above claims may be limited by applicable law. There may be cases in which the company can refuse your request in an appropriate and fair, for example when companies are required to comply with the law or court order. If you believe that the collection, use, disclosure and/or overseas transfer of your personal data by the company is a violation of the applicable personal data protection law, you have the right to complain to an agency concerned with protecting personal data. However, you may notify the company of your concern first, to consider resolving your concerns. Please get in touch with the company through the following channels.

In the event that you find that the company has not complied with personal data protection laws, you have the right to complain to the personal data protection committee or a supervisory authority appointed by the personal data protection committee or by law. Please get in touch with the company for the opportunity to know the facts and clarify various issues, as well as to resolve your concerns at the first opportunity.

The company does not intend to disclose information about corporate customers or individuals connected to corporate customers for marketing purposes. The company will collect and use such personal data within the company only. If a corporate customer of the company discloses personal information of a person related to a corporate customer, you as a corporate customer is obligated to do the following to allow the company to provide services or products to you:

The company may change this personal data protection policy from time to time if there is a change in its personal data protection practices due to reasons such as technological changes, legal changes. Amendments to this privacy policy will become effective when the company publishes it on [ www.plustech.co.th ]. However, if such amendments have a material impact on you as the data subject. The company will give you reasonable prior notice before the change takes effect.

The company collects and uses cookies and other similar technologies on websites under its supervision, such as https://sabuytech.com/ https://termsabuyplus.com/ https://sabuysolutions.com/ or your device according to the services you use. This is for the safety of the company’s services and to provide you with convenience and a good experience in using the company’s services. This information will be used to improve the company’s website to better meet your needs. You can set or delete the use of cookies by yourself from the settings in your web browser.

Suppose you have questions about the company’s practices and activities related to your personal data. In that case, you can contact the company’s personal data protection officer or designated person as detailed below. The company is happy to assist you in providing information and suggestions. Please contact the company.