1.2 “Personal Data” or “personal data” means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access. Common examples of personal data could include name, identification number and contact information.
1.4 This Policy applies in conjunction with other notices, contractual clauses, consent clauses that apply in relation to the collection, storage, use, disclosure and/or processing of your personal data by us and is not intended to override those notices or clauses unless we state expressly otherwise.
1.5 This Policy applies to both buyers and sellers who use the Services except where expressly stated otherwise.
- WHEN WILL GROOVIN COLLECT PERSONAL DATA?
2.1 We will/may collect personal data about you:
- when you register and/or use our Services or Platform, or open an account with us;
- when you submit any form, including, but not limited to, application forms or other forms relating to any of our products and services, whether online or by way of a physical form;
- when you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our products and services;
- when you interact with us, such as via telephone calls (which may be recorded), letters, fax, face-to-face meetings, social media platforms, and emails, including when you interact with our customer service agents;
- when you use our electronic services or interact with us via our application or use services on our Platform. This includes, without limitation, through cookies which we may deploy when you interact with our application or website;
- when you grant permissions on your device to share information with our application or Platform;
- when you link your Groovin’ account with your social media or other external account or use other social media features, in accordance with the provider’s policies;
when you carry out transactions through our Services;
- when you provide us with feedback or complaints;
- when you register for a contest; or
- when you submit your personal data to us for any reason
The above does not purport to be exhaustive and sets out some common instances of when personal data about you may be collected.
- WHAT PERSONAL DATA WILL GROOVIN COLLECT?
3.1 The personal data that Groovin’ may collect includes but is not limited to:
- email address;
- date of birth;
- billing address;
- bank account and payment information;
- telephone number;
- information sent by or associated with the device(s) used to access our Services or Platform;
- information about your network and the people and accounts you interact with;
- photographs or audio or video recordings that you share with us;
- government-issued identification or other information required for our due diligence, know your customer, identity verification, or fraud prevention purposes;
- any other information about the User when the User signs up to use our Services or Platform, and when the User uses the Services or Platform, as well as information related to how the User uses our Services or Platform; and
- aggregate data on content the User engages with.
3.2 You agree not to submit any information to us which is inaccurate or misleading, and you agree to inform us of any inaccuracies or changes to such information. We reserve the right at our sole discretion to require further documentation to verify the information provided by you.
3.3 If you sign up to be a user of our Platform using your social media account (“Social Media Account”), link your Groovin’ account to your Social Media Account or use any Groovin’ social media features, we may access information about you which you have voluntarily provided to your Social Media Account provider in accordance with such provider’s policies, and we will manage and use any such personal data in accordance with this Policy at all times.
3.4 If you do not want us to collect the aforementioned information/personal data, you may opt out at any time by notifying our Data Protection Officer in writing. Further information on opting out can be found in the section below entitled “How can you withdraw consent, remove, request access to or modify information you have provided to us?”. Note, however, that opting out or withdrawing your consent for us to collect, use or process your personal data may affect your use of the Services and the Platform. For example, opting out of the collection of location information will cause its location-based features to be disabled.
- COLLECTION OF OTHER DATA
4.1 As with most websites, your device sends information that may include data about you that gets logged by a web server when you browse our Platform. This typically includes without limitation your device’s Internet Protocol (IP) address, computer/mobile device operating system and browser type, type of mobile device, the characteristics of the mobile device, the unique device identifier (UDID) or mobile equipment identifier (MEID) for your mobile device, the address of a referring web site (if any), the pages you visit on our website and mobile applications and the times of visit, and sometimes a “cookie” (which can be disabled using your browser preferences) to help the site remember your last visit. If you are logged in, this information is associated with your personal account. The information is also included in anonymous statistics to allow us to understand how visitors use our site.
4.2 Our website may collect precise information about the location of your mobile device using technologies such as GPS, Wi-Fi, etc. We collect, use, disclose and/or process this information for one or more Purposes including, without limitation, location-based services that you request or to deliver relevant content to you based on your location or to allow you to share your location with other Users as part of the services under our mobile applications. For most mobile devices, you are able to withdraw your permission for us to acquire this information on your location through your device settings. If you have questions about how to disable your mobile device’s location services, please contact your mobile device service provider or the device manufacturer.
4.3 As when you view pages on our website, when you watch content and advertising and access other software on our Platform or through the Services, most of the same information is sent to us (including, without limitation, IP Address, operating system, etc.); but, instead of page views, your device sends us information on the content, advertisement viewed and/or software installed by the Services and the Platform and time.
5.1 We or our authorized service providers may from time-to-time use “cookies” or other features to allow us or third parties to collect or share information in connection with your use of our Services or Platform. These features help us improve our Platform and the Services we offer, or help us offer new services and features. “Cookies” are identifiers that are stored on your computer or mobile device that record data about computer or device, how and when the Services or Platform are used or visited, by how many people and other activity within our Platform. We may link cookie information to personal data. Cookies also link to information regarding what items you have selected for purchase and web pages you have viewed. This information is used to keep track of your shopping cart, to deliver content specific to your interests, to conduct data analysis and to monitor usage of the Services.
- HOW DO WE USE THE INFORMATION YOU PROVIDE US?
6.1 We may collect, use, disclose and/or process your personal data for one or more of the following purposes:
- to consider and/or process your application/transaction with us or your transactions or communications with third parties via the Services;
- to manage, operate, provide and/or administer your use of and/or access to our Services and our Platform (including, without limitation, remembering your preference), as well as your relationship and user account with us;
- to respond to, process, deal with or complete a transaction and/or to fulfil your requests for certain products and services and notify you of service issues and unusual account actions;
- to enforce our Terms of Service or any applicable end user license agreements;
- to protect personal safety and the rights, property or safety of others;
- for identification, verification, due diligence, or know your customer purposes;
- to maintain and administer any software updates and/or other updates and support that may be required from time to time to ensure the smooth running of our Services;
- to deal with or facilitate customer service, carry out your instructions, deal with or respond to any enquiries given by (or purported to be given by) you or on your behalf;
- to contact you or communicate with you via voice call, text message and/or fax message, email and/or postal mail or otherwise for the purposes of administering and/or managing your relationship with us or your use of our Services, such as but not limited to communicating administrative information to you relating to our Services. You acknowledge and agree that such communication by us could be by way of the mailing of correspondence, documents or notices to you, which could involve disclosure of certain personal data about you to bring about delivery of the same as well as on the external cover of envelopes/mail packages;
- to allow other Users to interact, connect with you or see some of your activities on the Platform, including to inform you when another User has sent you a private message, posted a comment for you on the Platform or connected with you using the social features on the Platform;
- to conduct research, analysis and development activities (including, but not limited to, data analytics, surveys, product and service development and/or profiling), to analyse how you use our Services, to improve our Services or products and/or to enhance your customer experience;
- to allow for audits and surveys to, among other things, validate the size and composition of our target audience, and understand their experience with Groovin’s Services;
- for marketing and advertising, and in this regard, to send you by various modes of communication marketing and promotional information and materials relating to products and/or services (including, without limitation, products and/or services of third parties whom Groovin’ may collaborate or tie up with) that Groovin’ (and/or its affiliates or related corporations) may be selling, marketing or promoting, whether such products or services exist now or are created in the future. You can unsubscribe from receiving marketing information at any time by using the unsubscribe function within the electronic marketing material. We may use your contact information to send newsletters from us and from our related companies;
- to respond to legal processes or to comply with or as required by any applicable law, governmental or regulatory requirements of any relevant jurisdiction or where we have a good faith belief that such disclosure is necessary, including, without limitation, meeting the requirements to make disclosure under the requirements of any law binding on Groovin’ or on its related corporations or affiliates (including, where applicable, the display of your name, contact details and company details);
- to produce statistics and research for internal and statutory reporting and/or record-keeping requirements;
- to carry out due diligence or other screening activities (including, without limitation, background checks) in accordance with legal or regulatory obligations or our risk management procedures that may be required by law or that may have been put in place by us;
- to audit our Services or Groovin’s business;
- to prevent or investigate any actual or suspected violations of our Terms of Service, fraud, unlawful activity, omission or misconduct, whether relating to your use of our Services or any other matter arising from your relationship with us;
- to respond to any threatened or actual claims asserted against Groovin’ or other claim that any Content violates the rights of third parties;
- to store, host, back up (whether for disaster recovery or otherwise) of your personal data, whether within or outside of your jurisdiction;
- to deal with and/or facilitate a business asset transaction or a potential business asset transaction, where such transaction involves Groovin’ as a participant or involves only a related corporation or affiliate of Groovin’ as a participant or involves Groovin’ and/or any one or more of Groovin’s related corporations or affiliates as participant(s), and there may be other third party organisations who are participants in such transaction. A “business asset transaction” refers to the purchase, sale, lease, merger, amalgamation or any other acquisition, disposal or financing of an organisation or a portion of an organisation or of any of the business or assets of an organisation; and/or
- any other purposes which we notify you of at the time of obtaining your consent.
(collectively, the “Purposes”).
6.3 As the purposes for which we will/may collect, use, disclose or process your personal data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted by the Privacy Laws.
- HOW DOES GROOVIN PROTECT AND RETAIN CUSTOMER INFORMATION?
7.1 We implement a variety of security measures and strive to ensure the security of your personal data on our systems. User personal data is contained behind secured networks and is only accessible by a limited number of employees who have special access rights to such systems. However, there can be no guarantee of absolute security.
- DOES GROOVIN DISCLOSE THE INFORMATION IT COLLECTS FROM ITS VISITORS TO OUTSIDE PARTIES?
8.1 In conducting our business, we will/may need to disclose your personal data to our third-party service providers, agents and/or our affiliates or related corporations, and/or other third parties, whether sited in Thailand or outside of Thailand, for one or more of the above-stated Purposes. Such third-party service providers, agents and/or affiliates or related corporations and/or other third parties would be processing your personal data either on our behalf or otherwise, for one or more of the above-stated Purposes. Such third parties include, without limitation:
- our subsidiaries, affiliates and related corporations;
- buyers or sellers you have transacted with or interacted with on the Platform or in connection with your use of the Services for the above-stated Purposes;
- other Users of our Platform for one or more of the above-stated Purposes;
- contractors, agents, service providers and other third parties we use to support our business. These include but are not limited to those parties which provide administrative or other services to us such as mailing houses, logistics service providers, financial services providers, telecommunication companies, information technology companies and data centres;
- governmental or regulatory authorities having jurisdiction over Groovin or as otherwise permitted under Section 6.2;
- a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Groovin’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by Groovin’ about our Service Users is among the assets transferred; or to a counterparty in a business asset transaction that Groovin’ or any of its affiliates or related corporations is involved in; and
- third parties to whom disclosure by us is for one or more of the Purposes and such third parties would in turn be collecting and processing your personal data for one or more of the Purposes.
8.2 This may require, among other things, for us to share information, including statistical and demographic information, about our Users and information about their use of the Services with suppliers of advertisements and programming.
8.3 For the avoidance of doubt, in the event that Privacy Laws or other applicable laws permit an organisation such as us to collect, use or disclose your personal data without your consent, such permission granted by the laws shall continue to apply.
8.4 Third parties may unlawfully intercept or access personal data transmitted to or contained on the site, technologies may malfunction or not work as anticipated, or someone might access, abuse or misuse information through no fault of ours. We will nevertheless deploy reasonable security arrangements to protect your personal data as required by the Privacy Laws; however, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.
8.5 As set forth in Groovin’s Terms of Service, users in possession of another User’s personal data through the use of the Services (the “Receiving Party”) hereby agree that, they will (i) comply with all applicable personal data protection laws with respect to any such data; (ii) allow the User whose personal data the Receiving Party has collected (the “Disclosing Party”) to remove his or her data so collected from the Receiving Party’s database; and (iii) allow the Disclosing Party to review what information has been collected about them by the Receiving Party, in each case of (ii) and (iii) above, in compliance with and where required by applicable laws.
8.6 Notwithstanding anything set forth herein, Sellers shall comply with all applicable Privacy Laws and, in respect of any buyer’s personal data received from Groovin’, (i) are not permitted to use such buyer’s personal data except as reasonably necessary to respond to buyers’ enquiries and to carry out respond to, process, deal with or complete a transaction without the buyers’ and Groovin’s prior written consent; (ii) should refrain from contacting buyers using such information outside of the Groovin’ platform; (iii) are not permitted to disclose such buyer’s personal data to any unauthorized third parties without the buyer’s and Groovin’s prior written consent; (iv) shall employ sufficient security measures to protect each Groovin’ user’s personal data in their possession and to delete such data as soon as reasonably possible upon completion of the transaction; and (v) to inform Groovin’s Personal Data Protection Officer at email@example.com in the event of any potential data breach or other loss of such user’s data.
- INFORMATION ON CHILDREN
9.1 The Services are not intended for children under the age of 13. We do not knowingly collect or maintain any personal data or non-personally-identifiable information from anyone under the age of 13 nor is any part of our Platform or other Services directed to children under the age of 13. As a parent or legal guardian, please do not allow such children under your care to submit personal data to Groovin’. In the event that personal data of a child under the age of 13 in your care is disclosed to Groovin’ you hereby consent to the processing of the child’s personal data and accept and agree to be bound by this Policy on behalf of such child. We will close any accounts used exclusively by such children and will remove and/or delete any personal data we believe was submitted without parental consent by any child under the age of 13.
- DISCLAIMER REGARDING SECURITY AND THIRD-PARTY SITES
10.1 WE DO NOT GUARANTEE THE SECURITY OF PERSONAL DATA AND/OR OTHER INFORMATION THAT YOU PROVIDE ON THIRD PARTY SITES. We do implement a variety of security measures to maintain the safety of your personal data that is in our possession or under our control. Your personal data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the personal data confidential. When you place orders or access your personal data, we offer the use of a secure server. All personal data or sensitive information you supply is encrypted into our databases to be only accessed as stated above.
10.2 In an attempt to provide you with increased value, we may choose various third-party websites to link to, and frame within, the Platform. We may also participate in co-branding and other relationships to offer e-commerce and other services and features to our visitors. These linked sites have separate and independent privacy policies as well as security arrangements. Even if the third party is affiliated with us, we have no control over these linked sites, each of which has separate privacy and data collection practices independent of us. Data collected by our co-brand partners or third-party web sites (even if offered on or through our Platform) may not be received by us.
10.3 We therefore have no responsibility or liability for the content, security arrangements (or lack thereof) and activities of these linked sites. These linked sites are only for your convenience and you therefore access them at your own risk. Nonetheless, we seek to protect the integrity of our Platform and the links placed upon each of them and therefore welcome any feedback about these linked sites (including, without limitation, if a specific link does not work).
- WILL GROOVIN TRANSFER YOUR INFORMATION OVERSEAS?
11.1 Your personal data and/or information may be transferred to, stored or processed outside of your country. In most cases, your personal data will be processed in Singapore, where our servers are located and our central database is operated. Shopee will only transfer your information overseas in accordance with Privacy Laws.
- HOW CAN YOU WITHDRAW CONSENT, REQUEST ACCESS TO OR CORRECT INFORMATION YOU HAVE PROVIDED TO US?
12.1 Withdrawing Consent
12.2 Requesting Access to or Correction of Personal Data
12.2.1 If you have an account with us, you may personally access and/or correct your personal data currently in our possession or control through the Account Settings page on the Platform. If you do not have an account with us, you may request to access and/or correct your personal data currently in our possession or control by submitting a written request to us. We will need enough information from you in order to ascertain your identity as well as the nature of your request so as to be able to deal with your request. Hence, please submit your written request by sending an email to our Personal Data Protection Officer at firstname.lastname@example.org.
12.2.2 We may charge you a reasonable fee for the handling and processing of your requests to access your personal data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your access request unless you have agreed to pay the fee.
12.2.3 We reserve the right to refuse to correct your personal data in accordance with the provisions as set out in Privacy Laws, where they require and/or entitle an organisation to refuse to correct personal data in stated circumstances.
- QUESTIONS, CONCERNS, OR COMPLAINTS? CONTACT US
13.1 If you have any questions or concerns about our privacy practices, we welcome you to contact us by e-mail at email@example.com.