Data Protection Notice for Customers

LUCKY UNION FOODS CO.,LTD.

What is personal data?

Personal data is any information that relates to or identifies a living individual, both directly or indirectly. This also includes the collection of less explicit data that leads to an identification of a particular person.

Collection of Personal Data

We may collect the following data from the users:

  1. Personal identification data including age, nationality, date of birth, etc.
  2. Contact information including address, phone number, e-mail address, etc.
  3. Payment data including bank account, payment method, etc.
  4. Transaction data including transaction number, purchase history, etc.
  5. On-site personal data including account name, password, personal interest regarding services, etc.
  6. Technical data including IP address number, log-in history, setting, web browser connection, etc.
  7. Marketing data including service satisfaction and feedback, etc.

Access to Personal Data

We access users personal data through 2 main following channels:

  1. We access personal data directly from the users via the collection during the provision of service including:
    1. User’s account registration, and the submission of application for any  services
    2. User’s subscription of any marketing and sales information including advertisement and promotion
    3. User’s consensual agreement when filling out the survey
    4. User’s cookies when accessing the platform
    5. Mutual contact between users and service providers both offline and online such as email enquiries and phone calls
    6. User’s purchase of any particular service or product
    7. User’s log-in on both service provider’s platform and associated sites such as Facebook and Google
  2. We collect personal data of the users indirectly from the third-parties in the following cases: Facebook Login, LINE Login, Email & Password Login, Contact Name, Contact Address,Delivery Address

Data Collection Objectives

We may collect and use users personal data for any or all of the following purposes:

  1. To perform obligations in the course of or in connection with our provision of the goods and/or services requested by the user
  2. To process the payment of a particular service or product such as tours, attraction tickets, transportation service, etc.
  3. For post-sale customer service such as promotions and feedback enquiries
  4. To verify user’s identity
  5. For marketing research and customer relationship optimization
  6. To comply with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority
  7. To transfer data to any unaffiliated third parties including our third party service providers and agents, relevant governmental and/or regulatory authorities, for the aforementioned purposes

Sharing Personal Data

We may share and disclose your personal data to third parties in the following circumstances:

  1. Within LUCKY UNION FOODS CO.,LTD. for the purpose outlined in this policy.
  2. To third-party service providers who require access to personal data in order to assist in the provision of the website, products and services, and other business-related functions such as website analytics providers or our third-party advertisement partners. These third-party service providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data.
  3. We may also disclose visits information to third-parties:
  4. Where required by law or regulatory requirement, court order or other judicial authorization
  5. In response to lawful requested by public authorities including for the purposes of meeting national security and law enforcement requirements
  6. In connection with the sale, transfer, merger, bankruptcy, restructuring or other reorganization of a business
  7. To protect or defend our rights interests or property, or that of third parties
  8. To investigate any wrongdoing in connection with the website or service
  9. To protect the vital interests of an individual.
  10. We may also share Personal Information collected through the Website with third party companies so that they may offer products and services that we believe will be of interest to visitors, as well as third party advertising-serving companies to better target the adverts and other content displayed on website and to provide offers we think may be interests of visitors. The unsubscription of marketing is stated in the “Personal Data and Marketing Activities” section.

Personal Data Processing

After the collection of users personal data, we may store the data regarding the following processes:

  1. Computer System including On-premise
  2. We may use the collected personal data with the purposes mentioned in “Data Collection Objectives”
  3. We may disclose users personal data:
    • to staff members under LUCKY UNION FOODS CO.,LTD., in order to perform obligations in the course of or in connection with our provision of the goods and services requested by users; or
    • to third party service providers, agents and other organisations we have engaged to perform any of the functions with reference to the above mentioned objectives and for safety purposes.

Data Storage and Data Retention

We may store users personal data using the following systems:

  1. Users personal data will be saved as soft copy data stored in our computer systems.
  2. Users personal data will be saved in service provider’s devices, such as computers, phones, and tablets. This includes the mentioned Computer System (On-premise).
  3. Data retention period will be illustrated in the “Data Retention” section below.

Data Retention Period

No. Type of Personal Data Retention Period
1 Personal identification data including age, nationality, date of birth, etc. 10 years from contract termination date
2 Contact information including address, phone number, e-mail address, etc. 10 years from contract termination date
3 Payment data including bank account, payment method, etc. 10 years from contract termination date
4 Transaction data including transaction number, purchase history, etc. 10 years from contract termination date
5 On-site personal data including account name, password, personal interest regarding services, etc. 5 years from contract termination date
6 Technical data including IP address number, log-in history, setting, web browser connection, etc. 5 years from contract termination date
7 Marketing data including service satisfaction and feedback, etc. 5 years from contract termination date

Data Subject Rights

Data subjects have the following rights:

  1. Right to withdraw consent: Users can withdraw their consent and request the processors to stop collecting their personal data.
  2. Right of Access: Users can submit data access requests, which oblige processors to provide a copy of any personal data they hold regarding data subjects. This includes a request for a disclosure of platforms and methods in which the processors collected the data from.
  3. Right of Rectification: Users can request an update on an inaccurate or incomplete personal data.
  4. Right to Erasure: Users can request that the service provider erase their data in certain circumstances, such as when the data is no longer necessary, the data was unlawfully processed or is no longer meeting the lawful ground for which it was collected. This includes the instance where the individual withdraws consent.
  5. Right to Restriction of Processing: Users can request the service provider to limit the way their personal data is used.
  6. Right to Data Portability: Users are permitted to obtain and reuse their personal data for their own purposes across different services. 
  7. Right to be informed: Users have the right to be notified about the collection of their personal data such as storage periods and purposes.
  8. Right to Object: Users can object to the processing of personal data that is collected on the grounds of legitimate interests or the performance of a task in the interest/exercise of official authority. 

You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner

If you wish to learn more about our terms and conditions, please visit https://www.luckyunionfoods.com/en/privacy-policy. For full guidelines, please visit  Thailand Data Protection Guideline 2.0, Ministry of Digital Economy and Society website https://www.mdes.go.th, GDPR Guideline https://gdpr.eu/, European Commission https://ec.europa.eu/.
Note: There is no additional charge regarding the mentioned right entitlement, and users will be contacted within 30 days from the date of request 

Personal Information Request Form

In the case that you would like to manage your personal data, including:

  1. Data access request
  2. Data correction request
  3. General Consent Withdrawal request
  4. Complaint submission

Please contact our Data Protection Officer through the following details in the "Contact Us" section down below.

Personal Data and Marketing Activities

To optimize users satisfaction, we may distribute the information regarding our marketing activities such as promotion, discount, and news. This also includes information related to your preferences. Users can withdraw their consents after the subscription contacting dpoluf@luf.co.th

What are Cookies?

Cookies are text files stored on your computer's browser directory or program data subfolders. Cookies are created when you use your browser to visit a website that uses cookies to keep track of your movements within the site. If you wish to learn more about cookies, visit https://www.allaboutcookies.org/.

How Do We Use Cookies?

  1. To increase the efficiency and safety in users log-in process
  2. To collect user’s platform usage, content adjustments, and personal settings
  3. To research an individual user’s behaviour on the platform for satisfaction optimization purposes
  4. To research the behavioral trend of all users in order to increase the efficiency of the platform

Types of Cookies

  1. Functionality Cookies: Functionality cookies record information about choices you have made in the platform such as personal settings, languages, and fonts. This allows us to tailor our platform to you.
  2. Advertising Cookies: Advertising cookies record your on-site behaviour and history of sites visited. This allows us to provide you the services, products, and advertisements that suit your preferences.
  3. Strictly Necessary Cookies: These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. 
  4. Performance Cookies: These are cookies used for gathering site visitors data anonymously, including the page that is visited most frequently in the website. This allows us to efficiently improve our platform regarding users preferences.
  5. Third-party Cookies: These cookies will be determined by the third parties such as Google Analytics

Cookies Setting

Users can disable cookies on their browsers, by following these steps:

For Safari Users:

  1. Click the “Safari” menu, and tap “Preferences”.
  2. Click the “Privacy” tap and manage the following setting choices:
    1. Enabling  “Prevent cross-site tracking” to block third-party cookies and prevent third-party websites from storing data on your computer. 
    2. Enabling “Block all cookies” will prevent First-Party cookies, as well as Third-Party cookies. Enabling this may cause websites to work improperly, and Safari will warn you about this if you choose this option.
    3. Choose the “Manage Website Data” button to remove certain website domains which have stored data on your computer.

For Google Chrome Users:

  1. Open Chrome and tap on “Settings” at the top right.
  2. Click “Advanced” at the bottom.
  3. Under 'Privacy and security', click “Site Settings”.
  4. Click “Cookies”, then tap “ See all Cookies and Site Data”.
  5. If you wish to remove your cookies, tap “Remove All”.

For Internet Explorer Users:

  1. Open Internet Explorer and click “Tools” in the browser toolbar.
  2. Choose “Internet” Option.
  3. Click the “Privacy” tap.
  4. Under “Settings” move the slider to the top to block all cookies or to the bottom to allow all cookies, and then click OK.

Effect of Notice and Changes to Notice

This Notice applies in conjunction with any other notices, contractual clauses and consensual clauses that apply in relation to the collection, usage and disclosure of your personal data by us. Any links from other domains found on our site may be under a different personal data protection act.
We may revise this notice from time to time without any prior notification. You may determine if any such revision has taken place by referring to the date on which this notice was last updated. Your continual use of our services constitutes your acknowledgement and acceptance of such changes.

Effective date: 07/05/2020
Last updated: 07/05/2020

Contact Us

Data Processor

Name: LUCKY UNION FOODS CO.,LTD.
Address: 1/74-75 Samut Sakhon Industrial Estate, Moo 2, Rama II Road, Thasai, Mueang Samut Sakhon, Samut Sakhon 74000, Thailand
Contact detail: 034-490009-12
Email address: dpoluf@luf.co.th
Website: https://www.luckyunionfoods.com

In the case that you find any of our staff members does not act in compliance with the aforementioned regulations, you can file a request or a complaint at the following organisation:
Data Protection Committee, Ministry of Digital Economy and Society, Thailand
Address: The Government Complex Commemorating His Majesty the King's 80th BirthDay Anniversary 5th December, B.E.2550 (2007), Building B 6th - 7th Floor 120 Chaengwattana Road, Lak Si Intersection, Bangkok, 10210
Phone number: +662 142 2233
Information Commissioner’s Office, United Kingdom
Address: Wycliffe House, Water Lane, Wimslow, Cheshire SK9 5AF
Phone number: +44303 123 1113
 

Data Protection Notice for Customers

Personal Data Processing

The basis of our personal data processing is illustrated in (a) The Collection of Personal Data (b) Data Storage and Data Retention. The purposes of our data collection are as stated in (b) Data Collection Objectives. Our procedure are complied with the following standards:

  1. Contract execution including payment confirmation emails after the purchase of services provided by the company, bank account transfer, or any other agreements that you have executed with the company.
  2. Data Subject's Consent: Regarding your agreement during our service registration, you can withdraw your consent by following these steps:
    • You can withdraw personal data disclosure consent, used in the mentioned objectives, at any circumstances. This includes the request of personal data removal and data anonymity change. To withdraw your consent, contact our data processors through following channels:
    • Electronic channel such as email and website
    • Verbal channel such as phone call or staff member
    • Written channel such as information letter 

Once our staff members have received your withdrawal submission, the request will be forwarded to our data processors. However, your consent withdrawal has no effect on the data processing of your previous consensual personal data. Your consent withdrawal may also have the following consequences:
We may not be able to process your purchase or transaction, in the case that your personal data consent is withdrawn.

Exception of Personal Data Collection

The service providers are unable to collect your personal data without your consent, except for the following purposes:

  1. To obtain data for public benefits such as scientific research and historical data.
  2. To assure critical benefits concerning the security of data subjects including physical health and safetiness.
  3. To act in compliance with the consensual agreement that the data subject is a contract party.
  4. To act in compliance with applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcements and investigations conducted by any governmental or regulatory authority.
  5. For benefits legally obtained by service providers, data processors, and associated legal entities, except that the mentioned benefits are incompatible to basic data subjects right. 
  6. For public and legitimate interests of data processors.

Access to Personal Data

We access your personal data via following processes:

  1. When you log-in or register your account on our platform.
  2. When you submit registration forms, request forms, or any form associated with our service, both online and offline.
  3. When you make agreements or submit any information and file associated with our services.
  4. When you make contact with our service providers such as recorded phone calls, letters, faxes, face-to-face meetings, social media platforms, and emails.
  5. When you use our services on electronic platforms, including the use of cookies which will be adjusted once you have logged-in.
  6. When you process your transactions through our services.
  7. When you submit feedback or complaints.
  8. When you register or make any consensual agreement during our marketing and advertising campaigns such as contests and discounts. This includes the activities launched with our partners and associated third parties.
  9. When you request certain services provided by our on-site outsource service providers such as transaction and logistics services.
  10. When you visit or log-in the websites or applications of our partners and associated third parties.
  11. When you install our application on your devices such as mobile phones, computers, or tablets.
  12. When you connect your account with third party’s websites or applications.
  13. When you submit your personal information to us for any reason.

Persona Data Storage and Retention

Further details are clarified in the Data Protection Notice for Customer’s “Data Storage and Data Retention” section.

Data Subject’s Right

Further details are clarified in the Data Protection Notice for Customer’s “Data Subject’s Right” section.