PRIVACY POLICY | FlareDash

Overview
We provide an overview of our Privacy Policy and where you can find more information below. For your comprehensive understanding of our practices with respect to your information, please refer to the details set out in this Privacy Policy. All capitalized terms are as defined in this Privacy Policy.

Who are we?

We are Flare (Thailand) Co., Ltd., a corporation having its registered office at 496-502 Amarin Building, 9th Floor. Unit No.2, 2.1 Phloen Chit Rd, Lumphini, Pathum Wan District, Bangkok. We are acting as a Data Controller for information collected through Our Services.
Details

What information do we collect about you?

We collect the following type of information about you:

Information which you choose to provide to us through Our Services
Information collected as you use Our Services
Information provided from third parties

Why do we collect this information?

We collect and use this information to:

provide Our Services, such as creating your account of Our Services, verifying your user ID and password, charging fees and other payment relating to Our Services, maintain and improve Our Services by tracking system failure and troubleshooting, improving the functions of Our Services, developing new products or services by introducing new functions of Our Services or new services based on your usage activity or inquiry from you, measuring and analyzing performance, such as measuring and analyzing your visits to and activity on Our Services, and optimizing Our Services based on such data obtained by the communication with you, such as notifying you of amendments in Our Services, responding to inquiries from you, protecting Us, our users, and the public, such as detecting, preventing, and responding to unauthorized use of your account, fraud, abuse, security risks, and technical issues that could harm Us, you, other users, or the public, investigating or addressing claims or disputes relating to Our Services comply with a law to which we are subjected prepare historical documents or archives for public interest, or to research or statistics

Some of information is necessary to be provided for compliance with laws, or conclusion of contract with us, or performing a contractual obligation with us. If you do not provide such information, you may not use the whole or part of Our Services.

Who is this information shared with?

Your information is shared with:

Our Affiliates
third-party service providers performing services to help our operations, such as customer support, technical support, or customer management, third-party IT service providers, such as provider of data storage service or business communication platform service third-party
advertising service providers

How long do we store your information?
We retain your Personal Data until it is no longer necessary to fulfill the purposes of collecting your Personal Data, or until you request us to erase or destroy your Personal Data. We may be required to retain certain information in order to comply with the laws which we are subject to.

What are your rights with respect to your Personal Data?

Regarding your Personal Data which we collect and store, you have the rights to:

request access to and obtain copy of your Personal Data
receive your Personal Data or request us to send or transfer your Personal Data to other Data Controllers by the automatic means
object the collection, use, or disclosure of your Personal Data
request to erase, destroy, or anonymize your Personal Data
request to restrict the use of your Personal Data
request correction or update of your Personal Data
withdraw the consent which you have given to us
complain to expert committee with respect to our processing of Personal Data

If you are located in the European Economic Area or the United Kingdom (the “European Countries”), you have certain rights and protections under the applicable law regarding the processing of your “personal data” as defined in the applicable law.

You may contact us through our Data Controller or Representative.

Introduction

This Privacy Policy describes how we collect, use, disclose, share, store, and transfer (collectively, “process”) information about you when you use our services or products (collectively, “Our Services”). We act as a Data Controller for any information collected through Our Services.

1.1. Who are we?
We are Flare (Thailand) Co., Ltd., a corporation having its registered office at 496-502 Amarin Building, 9th Floor. Unit No.2, 2.1 Phloen Chit Rd, Lumphini, Pathum Wan District, Bangkok.
We have the following affiliate companies (“Our Affiliates”):
- Flare inc., a corporation having its registered office at 2-67-10 Ikebukuro, Toshima-ku, Tokyo 171-0014, Japan

1.2. What is Personal Data?
In this Policy, “Personal Data” means information relating to a natural person, which is identified or identifiable, whether directly or indirectly, but excluding information of deceased natural persons. Please note that at all times we will adhere to the applicable statutory definition in determining what information is and is not Personal Data for the purposes of this Privacy Policy.

1.3. Scope of this Privacy Policy
This Privacy Policy applies to information, including Personal Data, which we collect in relation to your access or use of Our Services only. Regarding any information which you provide to or is collected by any third party other than us, please refer to privacy policy separately established by such third party.

1.4.Changes to this Privacy Policy
We will amend this Privacy Policy from time to time. We will notify you of the amendment of this Privacy Policy through Our Services, or other measures determined by us in case we make any substantive or material amendments. Any amendment will become effective upon our posting of the amended privacy policy on Our Services.

2. What information do we collect about you?

1) We collect the following information about you:
Information which you choose to provide to us through Our Services

Profile Information: such as name, mailing address, phone number, email address, login name, login passwords, identification information (such as ID number, driver’s license number), birth date, gender, and photo
Payment Information: such as credit card information, banking information, or information relating to other kinds of payment measure
Information of Communication with us: such as information about the communications between you and us including your inquiry, compliments, and other contact to us
Sensitive Personal Information: you may choose to provide us through Our Services with your information of a sensitive nature such as racial, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data, biometric data, or any other information of a sensitive nature. We do not collect and use these information without explicit consent from you, except where permitted by applicable laws.

2) Information collected as you use Our Services

Usage Information: such as access dates and times, pages viewed, apps and other system activity, type of browser. In some cases, we collect this information through cookies, beacons, tags, and similar technologies that create and maintain unique identifiers
Device Information: such as information about the devices you use to access Our Services, including the hardware models, device IP address, operating systems and versions, software, file names and versions, preferred languages, unique device identifiers, advertising identifiers, serial numbers, device motion information, and mobile network information
Communication Information: such as information about the communications between you and other users or third party through Our Services, such as texts, profiles, messages, photographs, graphics, images, icons, voice, video, and other information contents
Location Information: such as your precise or approximate location information as determined through data such as GPS, IP address, and WiFi. You may use the Services without enabling us to collect your Location Information. However, this might affect the functionality available on your use of Our Services
Driving Information: if you are a driver of Our Services, we may collect information about you such as driving details from the devices you use to access Our Services, including driving speed, GPS-based location information, date and time of driving (We may accidentally collect the driving information of a third party with whom you are a passenger; provided, however, we will not record such information nor identify such third party from the driving information as long as the third party is not a driver of Our Services.)

3) Information provided from third parties

We may collect information about you to be provided from third parties due to your consent. For example, we may collect your account information of third-party’s service when you log in Our Services through such account, or we may collect and use your bank information when we pay fees to you by using third-party’s payment service if you are a driver of Our Services. We may also collect and use information on how your usage activities on third-party’s services from marketing service providers.
In the event that we collect your Personal Data from a third party, we will notify you of the detail of the collected Personal Data and the detail of the third party. Such notification will be made within 30 days from the date of the collection.

3. Why do we process your Personal Data?

3.1. We process your Personal Data for the following purposes, to the extent applicable.

1.) To provide Our Services
We process your Personal Data to provide you with Our Services. For example, we collect your name, email address, and other information to create your account of Our Services, and we use your user ID and password to verify you as a user of Our Services. If you use a chargeable service, we collect and use your payment information, such as banking account, credit card information, to charge you fees and other payment relating to Our Services.

2.) To maintain and improve Our Services
We process your Personal Data for maintaining or improving Our Services. For example, we collect and use information of trouble informed by you for tracking system failure and troubleshooting, or we collect and use your usage activity on Our Services for improving the functions of Our Services or develop more convenient for users.

3.) To provide personalized services
We process your Personal Data to provide you with personalized services. For example, we provide recommendations or personalized content based on your activity on Our Services.

4.) To develop new products or services
We process your Personal Data for developing new products or services. For example, we collect and utilize information of how you use Our Services, inquiries from you, or questionnaire results for developing new products or services.

5.) To provide ads
We process your Personal Data for showing advertising. We may also show you personalized ads based on your interests. For example, we collect information of your browsing of other website and utilize it for showing advertisements which you might be interested in. You can control what information we use to show you ads by settings.
We do not show you personalized ads based on Sensitive Personal Information.
We do not share information that personally identifies you with advertisers, such as your name or email, unless you ask us to.

6.) To measure and analyze performance
We process your Personal Data for analyzing and measuring how our services are used. For example, we measure and analyze your visits to and activity on Our Services for optimizing Our Services. We also use information of which ads you interact with for helping advertisers understand the performance or effectiveness of their ads.

7.) To communicate with you
We process your Personal Data to communicate with you. For example, we respond to inquiries from you or may send you a notification about Our Services by using contact information provided by you such as email address. In addition, if you contact us, we will keep a record of your request in order to help solve any issues you might be facing.

8.) To protect us, our users, and the public
We may process your Personal Data to protect us, you or other users, or the public interest. For example, we use your account ID and password for detecting, preventing unauthorized use of your account, fraud, abuse, or security risks. We may also use your Personal Data to investigate or address claims or disputes relating to Our Services.

9.) Other Purposes
We may process User Information for the purposes prescribed in 5. below.

If you do not provide us with your Personal Data which is necessary for complying with laws or performing the contract between you and us or entering into such contract (e.g. the information required to be entered by you on the user registration screen or driving information (if you are a driver of Our Services), your application for use of Our Services may not be accepted, or you may not be allowed to use part of Our Services.

4. Disclosure, Share, or Transfer of Personal Data

4.1. We may share your Personal Data with the following categories of recipients:

Our Affiliates
third-party service providers performing functions or services on our behalf, such as customer support, technical support, or customer management.
third-party IT service providers, such as provider of data storage service or business communication platform service third-party advertising service providersr the applicable laws of Thailand, by accepting this Privacy Policy, you hereby grants us your consent to transfer your information to such destination country.

4.2. Except for the recipients prescribed above, we will not disclose your Personal Data to any third party without your prior consent, except where we collected your Personal Data based on any of the legal basis prescribed in 5. below.

4.3. We transfer your Personal Data to any of our Affiliates or third-party service providers outside of Thailand, such as our data center specified in 6.2. When we transfer it to such entities outside of Thailand, we ensure that appropriate safeguards and protections are taken in place pursuant to applicable laws. In the event that the destination country that we transfer your Personal Data to may not have appropriate safeguards and protections under the applicable laws of Thailand, by accepting this Privacy Policy, you hereby grants us your consent to transfer your information to such destination country.

5. The legal basis on which we process Personal Data

We process your Personal Data based on a different legal basis depending on the nature of Personal Data and the type of processing involved. We rely on the following legal bases (single or multiple) other than or in addition to your consent, insofar as it applies.

1.) Performance of a Contract / Entry into a Contract
Some of Personal Data is processed on the basis that it is necessary for the performance of our agreement with you or for taking steps at your request prior to entering such an agreement. For example, we need to request you to provide your email address, login name, login passwords to create your account for using Our Services in order to perform our obligation under service agreement with you.

2.) Legitimate Interests
A second ground relied upon by us is that it is necessary for the purposes of legitimate interests pursued by us or a third party. These legitimate interests include the operation of Our Services and our business, maintenance and improvement of Our Services, pursuit of the safety of Our Services, such as fraud detection and prevention, charging the payment regarding the chargeable services, providing ads of our services or products or ads of third-party’s services or products, provision of our advertising services to our clients as required by our agreements with them. Further examples are shown in 3. above. We only rely on such a ground where such interests are not overridden by your interests or fundamental rights and freedoms.

3.) Research or Statistics / Preparation of Historical Documents or Archives for Public Interest
A third ground relied upon by us is that it is necessary for research or statistics, or preparation of historical documents or archives for the public interest. For example, we may create statistics relating to the business area to which our services belong for the purpose of our own or third-party’s marketing. We only rely on such a ground where the suitable measures to safeguard your rights and freedoms are taken in place and in accordance with applicable law.

4.) Compliance with a Law
A fourth ground relied upon by us is that it is necessary for compliance with a legal obligation. For example, we are required to retain records for fixed periods of time in order to comply with applicable laws.

5.) Prevention of a Danger / Performance of a Task for Public Interest
In some rare cases, there may be necessary for preventing or suppressing a danger to your or other persons’ life, body, or health, or we may need to perform a task for the public interest.

6. What do we do to keep your Personal Data secure?

6.1 We seek to take reasonable security measures to protect your Personal Data against loss, misuse, alteration, and divulgation in order to ensure the confidentiality, integrity, and availability of Personal Data. Those measures include:

(a) ensuring any of its employees or agents or other persons to whom it provides access to Personal Data are obliged to keep it confidential;
(b) the use of pseudonymization and encryption of Personal Data, where appropriate;
(c) measures to ensure the ongoing confidentiality, integrity, availability, and resilience of the our systems and services;
(d) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical data breach incident;
(e) a process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing of Personal Data;
(f) reasonably cooperating with and adopting recommendations of the Controller with respect to any other measures for the purposes of Personal Data protection.

6.2 In the event of any breaches of Personal Data, we shall promptly:

(g) notify the Personal Data Protection Committee, under the Personal Data Protection Act, and you, of the Personal Data breach within [72] hours after we have become aware of, or reasonably suspects there has been a Personal Data breach; and
(h) conduct appropriate actions to stop, contain, or control the Personal Data breach.
(i) provide the Personal Data Protection Committee, and you, with details of the Personal Data breach.

7. Where do we store and process your Personal Data

We may possess or store Personal Data in countries outside of Thailand, provided such possession or storage by us of Personal Data will (to the extent required under PDPA) be affected by way of appropriate safeguards and in accordance with PDPA.
By agreeing to this Privacy Policy, you hereby consent to any transfers of your Personal Data outside of Thailand

8. How long do we store your Personal Data?

We retain your Personal Data until it is no longer necessary to fulfill the purposes of processing your Personal Data, or until you request us to erase or destroy your Personal Data. We may be required to retain certain information in order to comply with the laws to which we are subject.

Specific retention periods are determined based on the following considerations: purposes of processing, the nature of Personal Data, and the necessity of retaining Personal Data for legal or business reasons. For example, if you are a user of Our Services, we will normally erase your Personal Data within 6 months from the date on which you become no longer a user of Our Services; however, we may be necessary to retain the whole of part of your Personal Data for the purpose of establishment, compliance, or exercise of legal claims, defense of legal claims, or the purpose of compliance with the law.

9. What are your rights regarding your Personal Data?

Regarding your Personal Data which we collect and store, you have the rights to:

1.) request access to and obtain a copy of your Personal Data
2.) receive your Personal Data or request us to send or transfer your Personal Data to other Data Controllers by the automatic means
3.) object to the collection, use, or disclosure of your Personal Data
4.) request to erase, destroy, or anonymize your Personal Data
5.) request to restrict the use of your Personal Data
6.) request correction or update of your Personal Data
7.) withdraw the consent which you have given to us, except where there is a restriction by law or the contract which gives benefits to you (provided, your withdrawal of consent will not affect the lawfulness of procession made prior to such withdrawal)
8.) complain to the expert committee with respect to our processing of your Personal Data. If you are not satisfied with how we process your Personal Data, you may contact us through the Contact Details below.

In the event that you want to exercise the right to withdraw consent, you can contact to "info[at]flare.run" . However, the withdrawal of your consent related to and required for the Service may prevent you from complying with the contract or providing services to you or may cause the transaction or any other related activities to be suspended or temporarily discontinued

10. Information for Residents of European Countries

Our Services are provided to persons who live or are visiting Thailand and not intended to be provided to persons living in the European Countries. However, if you are located in the European Countries, you might have certain rights and protections under General Data Protection Regulation (“GDPR”) regarding processing of your “personal data” as defined in the GDPR. Some of information that we process may constitute the “personal data”. This section is applicable in accordance with the GDPR only if Our Services are subject to the GDPR.

10.1. Our Role as a Controller or Processor
If you are located in one of the European Countries, we act as a “controller” as defined in the GDPR when processing your personal data. We may also act as a “processor” as defined in the GDPR to the extent that we process your personal data on behalf of and at the instruction of another party.

10.2. Legal Basis of Processing
If you are located in the European Countries, we collect and process your “personal data” based on the following legal basis:

1.) Performance of a Contract / Entry into a Contact
2.) Legitimate Interests
3.) Compliance with a Legal Obligation
4.) Protection of Vital Interests
5.) Performance of a Task for Public Interest
6.) Consent
Please refer to 5. The legal basis on which we process Personal Data for more details.

10.3. Automated Individual Decision-Making, Including Profiling
We do not use a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

10.4. Your Rights
If you are located in the European Countries, regarding your “personal data” which we collect and store, you have the rights to:

1.) access to your “personal data” and related information, such as categories of recipient, envisaged retention period, source of acquisition, and obtain a copy of your “personal data” in our possession
2.) rectify your inaccurate “personal data”
3.) erase your “personal data”
4.) restrict on processing of your “personal data”
5.) receive your “personal data” which you provided to us and request us to transmit those data to another controller (data portability)
6.) object to the processing of your “personal data”
7.) withdraw the consent which you have given to us at any time (your withdrawal of consent will not affect the lawfulness of procession made prior to such withdrawal) not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where:

a. the decision is necessary for entering into, or performance of, a contract between you and us;
b. the decision is authorized by Union or Member State law to which we are subject, and which also lays down suitable measures to safeguard your rights, freedoms, and legitimate interests; or
c. the decision is based on your explicit consent. Those rights may be subject to certain conditions as set forth in the GDPR.

10.5. Data Transfers
We transfer your “personal data” to any of our Affiliates or third-party service providers outside of the European Countries. When we transfer your “personal data” to such entity outside of the European Countries, we ensure that appropriate safeguards and protections are took in place pursuant to the GDPR. For example, we enter into agreements including standard data protection clauses adopted by the European Commission or other appropriate arrangements with various entities located outside the European Countries with whom we share your “personal data”. However, please acknowledge that some countries that we transfer your “personal data” might not have appropriate safeguards and protections under the GDPR. If we transfer your “personal data” to any of such countries, we will notify you of the possible risks of such transfer for you due to the absence of an appropriate safeguards and obtain your consent with such transfer. If you wish to receive a copy of documentation related to these safeguards, please contact us.

10.6. Complaints

If you are located in one of the European Countries, you may file a complaint with the Data Protection Supervisory Authority of the Member State of your habitual residence, place of work, or place of the alleged infringement.

11. Contact Details
If you have any questions regarding this Policy, please contact us here; or you may also contact us through the following contacts set out below.

Flare (Thailand) Co., Ltd.
496-502 Amarin Building, 9th Floor. Unit No.2, 2.1 Phloen Chit Rd, Lumphini, Pathum Wan District, Bangkok

This Policy was last updated on March 23, 2023.