Privacy Policy

Overview

Who are we?
We are TD KYC (Thailand) Co., Ltd., a corporation having its registered office at 725 Metropolis Building, Suite 58, Level 20, Sukhumvit Road, Klongtan Nuea, Watthana, Bangkok 10110 Thailand.
Details

What service is subject to this Policy?
We provide some services such as Identity Verification Service and Digital ID Service. In Digital ID Service, we are acting as a Data Controller, and this Policy applies to Digital ID Service.
On the other hand, in Identity Verification Service, we are acting as a Data Processor on behalf of the other Data Controllers; therefore, this Policy does not apply to Identity Verification Service. Regarding how your Personal Data is processed in Identity Verification Service, please refer to privacy policies or statements stipulated by each Data Controller.
Details

What information do we collect about you?
We collect the following type of information about you:

  • Information which you choose to provide to us through Our Services
  • Information collected as you use Our Services
  • Information provided from third parties

Details

Why do we collect this information?
We collect and use this information to:

  • provide Our Services, such as the followings:
    • creating your account of Our Services;
    • verifying your user identifier;
    • charging fees and other payment relating to Our Services;
    • verifying your identity;
    • producing and utilizing digital ID;
    • notifying procedural progress concerning your application;
  • maintain and improve Our Services, like tracking system failure and troubleshooting, improving the functions of Our Services
  • develop new products or services, like developing a new function of Our Services or new services based on your usage activity or inquiry from you
  • measure and analyze performance, like measuring and analyzing your visit to and activity on Our Services and optimizing Our Services based on such data
  • communicate with you, like notifying you of amendments in Our Services, responding to inquiries from you
  • protect Us, you, our users, and the public, like detecting, preventing, and responding to unauthorized use of your account, fraud, abuse, security risks, and technical issues that could harm Us, Our Affiliates, you, other users, or the public, investigating or addressing claims or disputes relating to Our Services
  • comply with laws to which we are subject
  • prepare historical documents or archives for public interest, or to research or statistics

Some information is necessary to be provided for compliance with laws, or conclusion of contract with us, or performing a contractual obligation with us. If you do not provide such information, you may not use the whole or part of Our Services.
Details

Who is this information shared with?
Your Personal Data is shared with:

  • Our Affiliates
  • third-party service providers performing services to help our operations, such as customer support, technical support, or customer management
  • third-party IT service providers, such as provider of data storage service or business communication platform service

Details

How long do we store your information?
We retain your Personal Data until it is no longer necessary to fulfill the purposes of collecting the Personal Data, or until you request us to erase or destroy the Personal Data. We may be required to retain certain information in order to comply with the laws which we are subject to.
Details

What are your rights with respect to the Personal Data?
Regarding your Personal Data which we collect and store, you have the rights to:

  • request access to and obtain copy of your Personal Data
  • receive your Personal Data or request us to send or transfer the Personal Data to other Data Controllers by the automatic means
  • object to the collection, use, or disclosure of your Personal Data
  • request to erase, destroy, or anonymize your Personal Data
  • request to restrict the use of your Personal Data
  • request correction or update of your Personal Data
  • withdraw the consent which you have given to us
  • complain to expert committee with respect to our processing of Personal Data

Details

Contact us
You may contact us through our Data Protection Officer.
Details


  1. Introduction
    This Privacy Policy describes how we collect, use, disclose, share, store, and transfer (collectively, “process”) information about you when you use our services or products.
    1. Who are we?
      We are TD KYC (Thailand) Co., Ltd., a corporation having its registered office at 725 Metropolis Building, Suite 58, Level 20, Sukhumvit Road, Klongtan Nuea, Watthana, Bangkok 10110 Thailand. We have the following affiliate companies (“Our Affiliates”):
      • TD Holdings (Thailand) Co., Ltd , a corporation having its registered office at 725 Metropolis Building, Level 20, Sukhumvit Road, Klongton Nuea, Wattana, Bangkok 10110 Thailand
      • TRUSTDOCK Inc., a corporation having its registered office at Nagatacho GRID, 2-5-3 Hirakawa-cho, Chiyoda-ku, Tokyo 102-0093 JAPAN
    2. What service is subject to this Policy?
      We provide some services such as Identity Verification Service and Digital ID Service. In Digital ID Service, we are acting as a Data Controller, which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, and this Policy applies to Digital ID Service (“Our Services”). On the other hand, in Identity Verification Service, we are acting as a Data Processor, which processes Personal Data on behalf of the other Data Controllers; therefore, this Policy does not apply to Identity Verification Service. Regarding how your Personal Data is processed in Identity Verification Service, please refer to privacy policies or statements stipulated by each Data Controller who entrusts us with processing of your Personal Data.
    3. What is Personal Data?
      In this Policy, “Personal Data” means information relating to a natural person, which is identified or identifiable, whether directly or indirectly, but excluding information of deceased natural persons. Please note that at all times we will adhere to the applicable statutory definition in determining what information is and is not Personal Data for the purposes of this Privacy Policy.
    4. Scope of this Privacy Policy
      This Privacy Policy applies to information, including Personal Data, which we collect in relation to your access or use of Our Services only. Regarding any information which you provide to or is collected by any third party other than us, please refer to the privacy policy separately established by such third party.
    5. Changes to this Privacy Policy
      We will amend this Privacy Policy from time to time. We will notify you of the amendment of this Privacy Policy through Our Services, or other measures determined by us if we make any substantive or material amendments. Any amendment will become effective upon our posting of the amended privacy policy on Our Services, Our Websites or Our Application.
  2. What information do we collect about you?
    We collect the following information about you:
    1. Information which you choose to provide to us through Our Services
      • Profile Information: such as full name, mailing address, ID document information (such as type of ID, issuer, date of issue, date of expiry, ID image, ID number), nationality, date of birth, gender, and face photo
      • Information of Communication with us: such as information about the communications between you and us including your inquiry, compliments, and other contact to us.
      • Sensitive Personal Information: you may choose to provide us through Our Services with your information of a sensitive nature such as racial, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data, biometric data, or any other information of a sensitive nature. We do not collect and use this information without explicit consent from you, except where permitted by applicable laws.
    2. Information collected as you use Our Services
      • Usage Information: such as user identifier, access dates and times, pages viewed, apps and other system activity. In some cases, we collect this information through cookies, beacons, tags, and similar technologies that create and maintain unique identifiers.
      • Device Information: such as information about the devices you use to access Our Services, including the hardware models, device IP address, operating systems and versions, software, file names and versions, preferred languages, unique device identifiers, advertising identifiers, serial numbers, device motion information, and mobile network information
    3. Information provided from third parties
      • We, as a Data Controller, may collect information about you to be provided from third parties due to your consent. For example, we may collect information such as the result of verifying your identity from the Department of Provincial Administration of Thailand.
      • In the event that we, as a Data Controller, collect your Personal Data from a third party, we will notify you of the detail of the collected Personal Data and the detail of the third party. Such notification will be made within 30 days from the date of the collection.
  3. Why do we process your Personal Data?
    1. We process your Personal Data for the following purposes, to the extent
      • To provide Our Services
        We process your Personal Data for providing Our Services. For example, we collect your name, date of birth, and other information to create your account of Our Services, and we use your user identifier to verify you as a user of Our Services. Our Services include the followings:
        • verifying your identity;
        • producing and utilizing digital ID;
        • notifying procedural progress concerning your application.
      • To maintain and improve Our Services
        We process your Personal Data for maintaining or improving Our Services. For example, we collect and use information of trouble informed by you or other users for tracking system failure and troubleshooting, or we collect and use your usage activity on Our Services for improving the functions of Our Services or develop more convenience for users.
      • To develop new products or services
        We process your Personal Data for developing new products or services. For example, we collect and utilize information of how you use Our Services, inquiries from you, or questionnaire results for developing new products or services.
      • To measure and analyze performance
        We process your Personal Data for analyzing and measuring how our services are used. For example, we measure and analyze your visits to and activity on Our Services for optimizing Our Services.
      • To communicate with you
        We process your Personal Data to communicate with you. For example, we respond to inquiries from you or may send to you a notification about Our Services through Our Services. In addition, if you contact us, we will keep a record of the request in order to help solve any issues you might be facing.
      • To protect us, you, our users, and the public
        We may process your Personal Data to protect us, you or other users, or the public interest. For example, we use a user identifier about you for detecting, preventing unauthorized use of the account, fraud, abuse, or security risks. We may also use your Personal Data to investigate or address claims or disputes relating to Our Services.
      • Other Purposes
        We may process your information for the purposes prescribed in 5. below.
    2. If you do not provide us with the Personal Data which is necessary for complying with laws or performing the contract between you and us or entering into such contract (e.g., the information required to be entered by you on the user registration screen), your application for use of Our Service may not be accepted, or you may not be allowed to use part of Our Service.
  4. Disclosure, Share, or Transfer of Personal Data
    1. We may share your Personal Data with the following categories of recipients:
      • Our Affiliates
      • third-party service providers performing functions or services on our behalf, such as customer support, technical support, or customer management
      • third-party IT service providers, such as provider of data storage service or business communication platform service
    2. Except for the recipients prescribed above, we will not disclose your Personal Data to any third party without your prior consent, except where we collected your Personal Data based on any of the legal basis prescribed in 5 below.
    3. We may transfer your Personal Data to any of Our Affiliates or third-party service providers outside of Thailand. When we transfer it to such entities outside of Thailand, we ensure that appropriate safeguards and protections are taken in place pursuant to applicable laws. However, please acknowledge that some countries that we transfer your Personal Data might not have appropriate safeguards and protections under the applicable laws of Thailand.
  5. The legal basis on which we process Personal Data We process your Personal Data based on a different legal basis depending on the nature of Personal Data and the type of processing involved. We rely on the following legal bases (single or multiple) other than or in addition to your consent, insofar as it applies.
    • Performance of a Contract / Entry into a Contract Some of Personal Data is processed on the basis that it is necessary for the performance of our agreement with you or for taking steps at your request prior to entering such an agreement. For example, we need to request you to provide your name and date of birth to create your account for using Our Services in order to perform our obligation under service agreement with you.
    • Legitimate Interests A second ground relied upon by us is that it is necessary for the purposes of legitimate interests pursued by us or a third party. These legitimate interests include the operation of Our Services and our business, maintenance and improvement of Our Services, pursuit of the safety of Our Services, such as fraud detection and prevention. Further examples are shown in 3. above. We only rely on such a ground where such interests are not overridden by your interests or fundamental rights and freedoms.
    • Research or Statistics / Preparation of Historical Documents or Archives for Public Interest A third ground relied upon by us is that it is necessary for research or statistics, or preparation of historical documents or archives for the public interest. For example, we may create statistics relating to the business area to which our services belong for the purpose of our own or third-party’s marketing. We only rely on such a ground where the suitable measures to safeguard your rights and freedoms are taken in place and in accordance with applicable law.
    • Compliance with a Law A fourth ground relied upon by us is that it is necessary for compliance with a legal obligation. For example, we are required to retain records for fixed periods of time in order to comply with applicable laws.
    • Prevention of a Danger / Performance of a Task for Public Interest In some rare cases, there may be necessity to prevent or suppress a danger to your or other persons’ life, body, or health, or we may need to perform a task for the public interest.
  6. What do we do to keep your Personal Data secure?
    We seek to take reasonable security measures to protect your Personal Data against loss, misuse, alteration, and divulgation. Such reasonable security measures include use of adequate security software, restricted access, and assigning a person in charge of managing Personal Data. However, please note that although we take appropriate steps to protect your Personal Data, no website, product, device, online application or transmission of information, computer system or wireless connection is completely secure and therefore we cannot guarantee the security of your Personal Data.
  7. How long do we store your Personal Data?
    We retain your Personal Data until it is no longer necessary to fulfill the purposes of processing your Personal Data, or until you request us to erase or destroy the Personal Data. We may be required to retain certain information in order to comply with the laws to which we are subject. Specific retention periods are determined based on the following considerations: purposes of processing, the nature of Personal Data, and the necessity of retaining Personal Data for legal or business reasons. For example, if you are a user of Our Services, we will normally erase your Personal Data within [6] months from the date on which the provision of Our Services is terminated; however, we may be required to retain the whole of part of your Personal Data for the purpose of establishment, compliance, or exercise of legal claims, defense of legal claims, or the purpose of compliance with the law.
  8. What are your rights regarding the Personal Data?
    Regarding your Personal Data which we collect and store, you have the rights to:
    • request access to and obtain a copy of your Personal Data
    • receive your Personal Data or request us to send or transfer the Personal Data to other Data Controllers by the automatic means
    • object to the collection, use, or disclosure of your Personal Data
    • request to erase, destroy, or anonymize your Personal Data
    • request to restrict the use of your Personal Data
    • request correction or update of your Personal Data
    • withdraw the consent which you have given to us, except where there is a restriction by law or the contract which gives benefits to you (provided, your withdrawal of consent will not affect the lawfulness of procession made prior to such withdrawal)
    • complain to the expert committee with respect to our processing of your Personal Data. If you are not satisfied with how we process the Personal Data, you may contact us through the Contact Details below.
  9. Contact Details
    For any inquiries or questions regarding this Policy, please contact us through the contact information set out below.

    Company’s name: TD KYC (Thailand) Co., Ltd.
    Address: 725 Metropolis Building, Suite 58, Level 20, Sukhumvit Road, Klongtan Nuea, Wattana, Bangkok 10110 Thailand
    Email: privacy@trustdock.io

    Data Protection Officer
    Mr. Takahiro Chiba
    Address: 725 Metropolis Building, Suite 58, Level 20, Sukhumvit Road, Klongtan Nuea, Watthana, Bangkok 10110 Thailand
    Department: Inquiry Desk
    Email: privacy@trustdock.io

    Established on 18 December 2020