1.       Introduction

This Privacy Policy (“Policy”) is set out by BlueVenture Tech Company Limited (“Company”) as a personal data protection measure in which it prescribes criteria for collection, use and disclosure of personal data, including notification of the rights of Service User for their acknowledgment. Service User should therefore need to fully understand this Policy prior to their use of Wellnesso Platform.

Please take a moment to read our Privacy Policy to understand more about your rights to the personal data that you have given to or have with us. This Privacy Policy is subject to change at any time; so, you should come back and read this Privacy Policy from time to time. If there is any significant change to our Privacy Policy which may affect the rights to your personal data, the Company will inform you without delay.

 

2.       Definition

2.1.  “Personal Data” means any data which identify a person either directly or indirectly, including data of a service user provided to the Company, or received by the Company or that the Company has access from other sources. Personal Data are categorized into two types as follows:

2.1.1.   General Personal Data means information relating to name and family name, sex, date of birth, age, identification number, postal address, telephone number, fax number, email address, IP address, or any data which identify that person, or number, code or any other materials which identify oneself such as voice record or photograph;  

2.1.2.   Sensitive Personal Data means information relating to racial or ethnic origin, religious beliefs, sexual orientation, data concerning health, genetic and biometric data or any other data which equally matter to the personal data owner;

2.2.  “Service User” means a personal data owner who uses Wellnesso Mobile application (“Wellnesso”);

2.3.  “Company” means BlueVenture Tech Company Limited and its authorized companies or persons;

 

3.       What personal data we collect from you

3.1.  The Company will collect Personal Data of the Service User that the Company has received from the Service User directly through Wellnesso, pamphlet and/ or any other channels or any other reliable sources such as the Participating Member Company or government agencies for abovementioned purpose.  The Company will collect and use Personal Data of the Service User by using legitimate and fair methods.

3.2.  The Company will collect, use or disclose the following information:

3.2.1.   Contact data which are name and family name, email address;

3.2.2.   Identification data which are name-family name;

3.2.3.   Activity which are steps, distance, calories;

3.2.4.   Device such as version operating system of the device of the Service User (where access is permitted through device setting);

 

4.       Why and how we collect, use and disclose your personal data

4.1.  The Company will collect Service User’s data to;

4.1.1.   Setup challenges that encourages Service User to do more activities in order gain points and be more healthy

4.1.2.   Monitor activities to trigger Service User and automatically provide points base on joined challenges’ criteria

4.2.  Prior collecting of Service User’s data, the Company shall obtain consent from Service User.

4.3.  Certain types of services may need to collect, use or disclose Sensitive Personal Data which will be conducted with the permission of the Service User only under the rules as prescribed by law. The Company may disclose Personal Data

4.3.1.   It is an act for public interest or to comply with legal or regulatory obligations;

4.3.2.   It is necessary to prevent or eliminate danger to life, body or health of a person;

4.3.3.   It is necessary to execute the contract to which the Service User is a party, or to proceed on request of the Service User before entering into a contract;

4.3.4.   It is necessary for legitimate interests of the Company or a person or other legal persons unless such benefits are less significant than basic right in Personal Data of the Service User;

4.3.5.   It is required by law. 

4.3.6.   To employees who are authorized by the Companygovernment agencies or law enforcement authorities, financial institutions, internal or external auditors, Cloud Computing service providers both in Thailand and abroad or any other persons as necessary for abovementioned purposes which are permitted by the Service User to collect, use and disclose their Personal Data to carry out as necessary in accordance with the purposes of service provision as well as to oblige as required by law or to conduct an investigation or take legal action

 

5.       Informing you of your personal data collection

The Company will always notify you, before or at the time of collecting your personal data, about our purposes of processing. However, in some circumstances as specified under the PDPA, it is not necessary for us to inform you about our processing of your personal data, such as when:

5.1.  you are already aware of such new purposes or details of our processing; 

5.2.  The Company believe that notice of such new purposes or the details of our processing is impossible or will obstruct the use or disclosure of your personal data, where the Company have taken suitable measures to protect your rights, freedoms and interests;

5.3.  it is urgent to use or disclose your personal data as required by law and the Company have implemented suitable measures to protect your interests; or

5.4.  The Company are aware of or acquire your personal data from our duty, occupation or profession, and the Company have used your personal data in accordance with such professional purposes and maintained the confidentiality as required by law.

 

6.       Rights of Personal Data Owner

The Service User has the right under the conditions prescribed by law as follows:

6.1.  Right to access and obtain a copy of Personal Data relevant to oneself or certain details of how the Company obtained such Personal Data whereas the Service User did not permit the collection or retention;

6.2.  Right to obtain Personal Data relevant to oneself from the Company which is readable or workable on automatically functioned devices or equipment, including to send or transfer such information to other Personal Data controller;

6.3.  Right to object to collection, use, or disclosure, or processing of Personal Data of the Service User except the case where it is proven that the Company collects, uses or discloses such information legally, or to act on or exercise the right of claim under the law, or to dispute the right of claim, or to abide by a contract between the Service User and the Participating Member Company, or to rely on legitimate right under other laws;

6.4.  Right to erase or destroy or to make identification of the personal data owner unidentifiable in the following cases:
(1) When it is no longer necessary to maintain it for the purpose of collection, use or disclosure;
(2) When the Service User withdraws his/ her consent to the collection, use or disclosure of Personal Data; and the Company is not entitled to collect, use or disclose such information;

(3) When the Service User objects to the collection, use or disclosure of Personal Data which have been conducted without permission from the Service User; and the Company is not in the position to reject the objection;
(4) When the collection, use or disclosure of Personal Data have been conducted unlawfully.

6.5.  Right to suspend the use or disclosure of Personal Data relevant to oneself is subject to the followingcircumstances:
(1) When the Company is in the process of examining Personal Data as requested by the Service User;
(2) When the Personal Data would have to be removed or destroyed by the provision of the law after it is no longer necessary to be retained for the purpose of collection; but the Service User requested suspension of use instead as the Service User wishes to maintain it so as to establish the right of claim by law, act on or exercise the right of claimunder the law, or dispute the right of claim; 

(3) When the Company is in the process of proofing or examining to reject the objection of the Service User.

6.6.  Right to make request to the Company to correct or change Personal Data to satisfy oneself that the information is accurate, complete and up-to-date and not misleading;

6.7.  Right to withdraw the consent to collection of Personal Data. Such withdrawal would not cause any effects on the information previously processed;

6.8.  Right to file complaints in the case the Company including its employees or contractors have violated or failed to comply with the Personal Data Protection Act (2019) or notifications issued by virtue of this Act. The Service User may file a request to exercise the abovementioned rights to email Contact@BlueVentureTech.com

 

7.       Period of Personal Data Retention

7.1.  The Company will store Personal Data of the Service User for certain period of time as necessary for the purpose of servicing to only.

7.2.  The Company will set up an examination system to remove or destroy irrelevant or unnecessary Personal Data beyond the purpose of personal data collection, or to act on the request of the personal data owner, or when the personal data owner has withdrawn his/her consent, excepting the retention for the purpose as required by law;

7.3.  As long as the Service User holds a user account, the Company will maintain such personal data as email, name-family name and other details to ensure that the Service User is able to access and use the services except the account has been dormant for more than 5 years.

 

8.       Security Measure and Protection of Personal Data

The Company will set forth appropriate measure for personal data protection and develop IT security system in compliance with standards as required by law as well as raise awareness about the obligations of personal data protection with which the employees, officers of the Company and its contractors or outsourced service provider shall strictly comply.

 

9.       Changes to this Privacy Policy

The Company will regularly review and revise this Privacy Policy to ensure that it is current and up to standards. The
Service User will be informed through Website or In Application.

 

10.    Restrictions of Rights

10.1.  Service User is requested to examine the privacy policy and guidance of other websites or other Mobile applications linked to Wellnesso so as to be aware and understand how such websites or Mobile applications which are linked to Wellnesso collect, use or disclose personal data. Nonetheless, the Company is not able to certify the message or confirm any actions as announced in such websites or Mobile applications which are linked to Wellnesso and the Company does not take any responsibility if such websites or Mobile applications which are linked to Wellnesso fail to act in accordance with the Privacy Notice;

10.2.  The Company accepts no responsibility to any damages due to the Service User having disclosed his/her Personal Data to a third party, or those arising out of negligence of the Service User who failed to exit the system properly after use, or used with undue regards to IT security.

 

11.    How to contact us

If you have any questions regarding this Privacy Policy, please contact the Company at Contact@BlueVentureTech.com

Updated on 01 July 2022