Personal Information Protection Policy
1. Information storage
1.1 The Service Provider has the right to collect and collect information that can identify or identify the Subscriber or the User Contact Information, including but not limited to the name, address, telephone number, fax number, email address, gender, date of birth, position information, financial information, credit bureau information, investment information as well as the User's business activity, authority in business or any business organization or transaction and/or information received from the User's use of the service, such as device identifier, IP address, device ID, device type, mobile network information, connection information, geographic location information, browser, log data, website access, referring website, log in log, transaction log, customer behavior, website access statistics, access time, search information, use of various functions on the website and information that the Service Provider collects through cookies or other similar technologies from which the User has registered for or opened an account with the Service Provider. (Hereinafter referred to as "Personal Information"). However, the Service Provider will keep the personal information of the User confidential and have the right to use it as necessary for the purpose of providing the Website only.
2 Use and disclosure of personal information
When the User provides or discloses any information to the Service Provider, it is deemed that the User has allowed the Service Provider to store, maintain, disclose and use such information for the purposes as follows :
- 2.1 To investigate the facts of personal information about the identity of
- 2.2 To verify the qualifications and confirm the identity of the User in order to comply with
the Notification of the Capital Market Supervisory Board
(Tor. Jor. 21/2562) and to provide access to or use the services as specified by the Service Provider.
- 2.3 To manage and facilitate the User's account for the User.
- 2.4 To facilitate the User to perform the transactions according to the wishes of the User.
- 2.5 To communicate information about services, additional services or provide other information.
- 2.6 To assess the creditworthiness of crowdfunding securities and assess the creditworthiness of crowdfunding securities.
- 2.7 To collect the debt due in accordance with the terms and conditions of the Issuer and the crowdfunding securities holder.
- 2.8 To develop and improve the system and functions of the system in order to serve the website more efficiently.
- 2.9 To support the risk management aspects of the Service Provider.
- 2.10 To report information to the National Credit Bureau and
the Securities and Exchange Commission (SEC)
that the Service Provider is legally required to report.
- 2.11 For your benefit, in case the request for consent could not be done at that time.
- 2.12 In case it is necessary for the legitimate interests of the Service Provider or for any person or juristic person other than the User.
- 2.13 In case it is necessary for the performance of a contract which the User is a party or to process the requests of the User before entering into the contract.
- 2.14 To disclose information to a government agency or an organization that has jurisdiction and audit upon such agency or organization by virtue of law.
In addition to the aforementioned purposes, the Service Provider will keep and prevent the User's personal information confidential from being used without your prior permission.
3 Privacy confidentiality and security measures
In order to maintain the security of the personal information of the User, the Service Provider sets up a data control policy and customer confidentiality policy and the prevention of the use of inside information to establish guidelines for the protection of personal information and to reserve the right to privacy of the User as well as to keep this personal information confidential in accordance with the internal information protection provisions of the Service Provider by setting the rights and restrictions In order to access personal information, disclosure and processing of personal information is necessary only.
The Service Provider establishes the security measures of the website to protect the User's information from destruction or intrusion by malicious or unauthorized persons using the security standards of Basic information With Secure Socket Layer (SSL) technology to encrypt data that is transmitted over the Internet every time you make a transaction. Interceptors cannot continue to use the information, and the Service Provider requires regular audits and assessments of system security risks at least once a year. This includes providing appropriate backups to build confidence in the service. In addition to the general security measures and procedures mentioned above, the Service Provider also uses technology to protect the User's personal information as follows :
- 3.1 Firewall Firewall is a software system that allows only the person with
the right or the person authorized by the Service Provider to go through
the firewall to access the data.
- 3.2 Scan Virus Scan Virus On all computers that provide service, there is a high-performance computer anti-virus program installed and a regular update program. In addition, the Service Provider also has a computer virus checker installed on the server.
- 3.3 Auto Log Off Auto Log Off In using the service of the Website of the Service Provider, after the use of the service, the User should log off every time to log out. In case of forgetting to log off, the system will log off automatically within the appropriate time. This is for the safety of the User and to prevent access to the User's personal or confidential information.
4 Change and cancellation of information
- 4.1 The User can update personal information or find errors in personal information, please inform us via [email protected] or 02-258-6589 and submit relevant documents to verify and confirm information further.
- 4.2 The User can cancel the provision of personal information by informing us via [email protected] or 02-258-6589. However, when the User has canceled the provision of personal information, the User may not be serviced at their original level of satisfaction or the Service Provider may not be able to provide all or part of the service.
5 Data Protection Office
The Service Provider has been in compliance with the Personal Data Protection Act 2019 by appointing a Data Protection Officer (DPO) to investigate the actions of the Service Provider in relation to the collect, use and disclose personal information in accordance with the Personal Information Protection Act 2019 , including laws related to the protection of personal information. In addition, the company has established rules and regulations for relevant persons to perform as specified. In order to operate in accordance with the policy on the protection of personal information to be completed. It is also in accordance with the policy of the Personal Information and Cybersecurity Supervision Committee set by the Service Provider.