LINE Company (Thailand) Limited Privacy Policy



This Privacy Policy of LINE Company (Thailand) Limited (“we”, “us”, or “our”) applies to the operations of our services, products, applications, websites that we offer through LINE platforms or our platforms, regardless of channel of access, be it via mobile application or website (the “Service(s)”), activities or events organized by us as well as any communication with you. It provides the policies and procedures for collecting, using, and disclosing the personal data of (1) each visitor to or user of the Services (the “User”); (2) our individual customers, business partners and business contacts; and (3) authorized persons, directors, shareholders, employees, personnel, persons who were ultimately given power of attorney to establish business and contractual and relationship, any other persons in similar capacity, and contact persons of our corporate customers, business partners and business contacts (“you” or “your”).  Our corporate customers, business partners and business contacts shall be collectively referred to as “Business Partner(s)”.

This Privacy Policy (the “Policy”) describes what personal data we collect and what it is used for. We take protecting your privacy seriously, and we want you to understand exactly how and why we use your personal data. Please read this Policy carefully as it describes how we collect, use, disclose, and/or transfer your personal data.

1.What Personal Data We Collect

1.1 Personal Data to be Provided by User

We may collect information about you relevant to the Services. For example, name, surname, nickname, phone number, address, email address. This personal data allows us to provide and improve the Services and provide additional features and functionality.

If you choose to participate in promotional or marketing activities or surveys [OPTIONAL] that we offer from time to time (“Campaign(s)”), we may request you to provide your personal data which includes your identification information and contact details (e.g., name, surname, government identification document, phone number, address, email address, gender and date of birth) for the purposes necessary for organizing a Campaign (e.g. Campaign registration, verification of your eligibility and Campaign conditions, delivery of Campaign prize etc.)       

1.2 Personal Data We Collect Automatically               

We may automatically collect information about your use of the Services or participation in the Campaigns such as: access time; device ID or other unique identifier; IP address; mac address; language information; device name and model; locale and timezone; carrier provider; operating system information; your activities within the Services or the Campaigns; and the length of time that you are logged in. We may automatically collect information about your LINE account: internal identifier; profile information (e.g. display name and display image). We may combine this information with other information that we have collected about you.

For geo-location data [OPTIONAL], we provide features that utilize geolocation data for your convenience and to improve your User experience. You are not required to provide your location information (“geolocation data”). Furthermore, when you do not accept sending your geolocation data by your mobile device settings, geolocation data will not be sent to us.

1.3 Personal Data We Receive from Third Parties 

In order to provide you with an optimized Service, we may receive your personal data from third parties. Upon receipt thereof, there are cases where your personal data is received from partners operating their specific services and where your personal data is received from partners operating services linked to the Services.  If you use any services linked to a third party, we may automatically issue an internal identifier to associate your personal data with such service, and share the same with such third party.

1.4 Personal Data Required for Business Relationships

When you or our Business Partner you work for, represent, or act on their behalf wish to use a specific Service, to purchase a Service, make an inquiry, we may ask you to provide personal data required for communicating with you and conducting transactions with you, for example, name, surname, nickname, phone number, address, email address, position, organization, government identification document, and signature, depending on the nature of the transaction.

If you or our Business Partner you work for, represent, or act on their behalf purchase the Service from us or enter into a contract, you may be required to provide personal data for entering into a contract, carrying out a transaction, and making the payment of such Service. 

In order for us to answer any requests or questions that you or our Business Partner you work for, represent, or act on their behalf send to our customer support, we may ask you to provide your personal data required for identifying and investigating the event or resolving the problem, such as your contact information including your phone number or email address, and details of the trouble that you have encountered.

We may collect your personal data as explained above directly from you or from our Business Partner you work for, represent or act on their behalf.

1.5 Personal Data Collected from Public Source 

In some cases, we may collect your personal data from publicly available sources (e.g. website, social media etc.). We will use your personal data only for the purposes compatible with the purposes for which such personal data is publicly disclosed, for example, we will use your telephone number published on your website and/or our Business Partner’s website for the purpose of contacting you about our transaction with you and our Business Partner. 

1.6 Personal Data Collected from Group Companies

We may collect your personal data  from our affiliates, subsidiaries, and group companies according to their terms or policies. For the privacy policy that is applicable to the separate services provided by our group companies, please refer to privacy policy of such services. 

1.7 Sensitive Personal Data

   (1) Sensitive Personal Data on Government Identification Document 

For sensitive personal data as shown on the government identification document (e.g., race, religion, blood type etc.), we do not intend to collect such sensitive personal data from you. In this regard, when you provide government identification document to us for identity verification purposes or other necessary purposes, please remove or redact the sensitive personal data before delivering the identification document to us. If the sensitive personal data contained in the government identification documents received by us is not redacted, we will remove or redact such sensitive personal data for security purpose of your sensitive personal data. In that case, no sensitive personal data will be deemed to be collected from you.  

   (2) Sensitive Personal Data for Provision of Certain Services 

Where it is necessary to collect your sensitive personal data for the purpose of providing our Services, we will obtain your explicit consent for our collection of your sensitive personal data unless we are permitted under the applicable laws to collect your sensitive personal data without your explicit consent.

1.8 Personal Data We Collect on Behalf of Our Customers

In some cases, we collect personal data under the instructions or on behalf of our individual customers and corporate customers which use Services we offer (collectively referred to as “Customers”), to provide Services to them. In such case, the Customers which use our Services are considered as data controllers. We are merely their data processor acting on their behalf. Therefore, the collection, use, and disclosure of personal data by our Customers through our Service is governed by their privacy policy and not subject to this Policy. 

2. How We Use Personal Data We Collect

In general, we use the personal data we collect to provide and operate the Services, to select you or the Business Partner you work for, represent, or act on their behalf as our Business Partner, to enter into an agreement with you or our Business Partner you work for, represent, or acting on their behalf, to conduct business transactions, to fulfill our contractual obligations with you or our Business Partner you work for, represent, or acting on their behalf, to make or facilitate payments, to respond to your requests or the requests from our Business Partner you work for, represent, or acting on their behalf, to communicate with you, to provide customer service and technical support, and to offer you the promotions from us and/or from our affiliates and business partners. 

To the extent applicable, when you participate in our Campaign we will use your personal data in order to allow you to apply or register to participate in the Campaign, to verify your identity and to confirm your participation eligibility, to verify your compliance with the conditions/requirements of the Campaigns, to communicate with you and respond to your enquiry regarding the Campaign, to announce winner, and to deliver any prizes you may win, and other purposes related to the organization of the Campaign you participate.  

We may also use your personal data for the following purposes:

- To check your background and status as a part of a Business Partner selection process. 
- To develop and improve the Services and systems to enhance our Services standard.
- To record images and/or voices relating to the meetings, trainings, seminars, recreations or marketing activities. 
- To conduct marketing analysis.
- To deliver targeted marketing, targeted advertising, service updates, and promotional offers based on your communication   preferences.
- To send you notices and communication.
- To verify your identity and prevent spam or other unauthorized or illegal activity.
- To better understand how Users access and use our Services, both on an aggregated and individualized basis, in order to improve our Services and respond to User desires and preferences, and/or for other research and analytical purposes.
- To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities
- To manage business relationships with you or our Business Partner you work for, represent, or act on their behalf such as to keep records, documentation, and files
- To manage our financial activities, for examples, payment, auditing, accounting and related activities.
- As necessary to meet responsibilities we have to our regulators, tax officials, law enforcement, or otherwise meet our legal obligations.
- As necessary for our legitimate interests or legitimate interests of any other person or legal person.
- For preventing or suppressing a danger to a person’s life, body or health.
- As necessary for the performance of a task we carried out in the public interest, or it is necessary for the exercising of official authority vested in us.
- For the achievement of the purpose relating to the preparation of the historical documents or the archives for public interest, or for the purpose relating to research or statistics with appropriate security measure.

If you do not provide your personal data to us, we may not be able to facilitate, communicate or provide some or all of our Services to you.

3. Legal Bases

If permitted under applicable laws, we may collect, use, and disclose your personal data with any of the following legal basis:
(1) the collection, use, and disclosure of personal data is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract;
(2) the collection, use, and disclosure of personal data is necessary for compliance with a legal obligation to which we are subject (e.g., when following the information disclosure orders based upon laws and regulations announced by government agencies);
(3) the collection, use, and disclosure of personal data is necessary in order to protect vital interests of yours or of another individual; or 
(4) the collection, use, and disclosure of personal data is necessary for the legitimate interests pursued by us or by a third party, except where such interests are overridden by your privacy related rights, interests, and freedom (including improvement of operations or systems, prevention of fraud, maintenance of security, our marketing, and our research performed by us); 
(5) the collection, use, and disclosure of personal data is necessary for any purpose related to public interest;
(6) the collection, use, and disclosure of personal data is necessary for the achievement of the purpose relating to the preparation of historical documents or the archives for public interest, or any purpose related to research, or statistics supported by proper security measures.

We will obtain your consent separately when we collect, use, and disclose your personal data which necessarily requires consent.

4. How We Share Personal Data

We may disclose and/or transfer your personal data to the following parties within Thailand and/or to overseas, which such destination countries may or may not have an adequate data protection standard similar to Thailand.

4.1 Our Affiliates and Subsidiaries
We may disclose the personal data we collect to our affiliates and subsidiaries for the purposes under this Policy. 

4.2 Service Providers
We may disclose the personal data we collect to third party vendors, service providers, contractors or agents who perform functions on our behalf. 

4.3 Business Transfers
We may disclose the personal data we have collected to another company in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business.

4.4 Third Parties and Partners
We may share the personal data with our third party partners, including advertisers where the disclosure of your personal data has a specific purpose and under lawful basis, as well as appropriate security measures. For example, if you post content that mentions one of our advertisers, we may share that content with them. 

Other than as described in this Policy, we will not provide your personal data to any third parties without your consent, unless we believe in good faith that we are required or permitted to do so under applicable laws, except for cases where you use services linked to a third party, or other cases where the minimum personal data necessary for partners to identify Users is provided.

4.5 In Response to Legal Process
We also may disclose the personal data in order to comply with the law, a judicial proceeding, court order, subpoena, or other legal process. For example, we may share your IP address or other identifier or any other information we have collected about you and your device.

4.6 To Protect Us and Others
We also may disclose personal data if we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Service or this Policy, or as evidence in litigation in which We are involved.

4.7 Aggregate and De-Identified Information
We may also share aggregate or de-identified information about Users with third parties for marketing, advertising or similar purposes.  

5. International Transfer 

We may transfer personal data to a third party or servers located outside of Thailand which may or may not have any data protection laws which are equivalent to those in Thailand when such transfer of personal data is permitted under applicable laws.

We will ensure that the transfer of personal data complies with the requirements applicable laws. For example, we may adopt standard contractual clauses or other means pertaining to data protection laws in Thailand.


6. How Long Do We Keep Your Information

We generally only keep your personal data to the extent necessary for the performance of our Services and/or obligations and for as long as is reasonably required for the purposes explained in this Policy or as required by applicable data protection laws, (such as a prescription period or period specified by the Civil and Commercial Code, Revenue Code or anti-money laundering laws, etc.). We will also retain personal data if we reasonably believe there is a prospect of dispute/litigation to the extent permitted by applicable laws. 

7. Security Measures

We are taking technical, physical, and organizational security measures in managing the collected personal data for respecting and protecting your privacy and confidentiality, integrity, and availability of your personal data, and preventing unauthorized access to your personal data as required by personal data protection law. These measures include safety control measures based on industry standards for preventing unauthorized access to personal data and components of significant information system, appropriate user access management, imposition of user responsibilities, and arrangement for audit trail in relation to access, alteration, correction, or deletion of personal data as appropriate.   

8. Minors and Children

Our Services are not directed to children under the age of 11 years old, and we do not knowingly collect, use, and/or disclose personal data of children under 11 years old.

If we are aware that personal data of children under the age of 11 years old has been collected, used, and/or disclosed on the Service without parental consent or appropriate legal basis, then we will take the appropriate steps to delete or anonymize this personal data unless there is legal ground for us for the collection, use, and/or disclosure of such personal data. 

9. Cookies

We use cookies and similar local storage technologies.

A cookie is a small text file that is stored on your computer when visiting a website. This text file stores information that can be read by the website when visiting it again at a later date. Some of these cookies are necessary because otherwise the site is unable to function properly. Other cookies are convenient for the visitor: they remember your username in a secure way as well as your language preferences, for example. Cookies mean that you do not need to fill out the same information each time you visit a website.   
We use cookies:

- To help us maintain your session when you use Services and/or any additional services.
- To enhance security of our systems.
- To store your preferences and provide customized services to you.
- To help us understand how people use Services and to improve them.

Most Internet browsers allow you to control whether or not to accept cookies. If, however, you deactivate cookies or limit the ability to set cookies, you may not be able to obtain the full benefit of the Website or access all of its functions, which may limit your overall User experience.


10. Third Party Analytics

We may use automated devices and applications, included those offered by third parties to evaluate usage of our Services. We also may use other analytic means to evaluate our Services. We use these tools to help us improve our Services, performance and User experiences. The information collected may include unique device identifiers, device manufacturer and operating system, IP address, mac address, browser type, session start/stop time and User activity.
 

11. Third-Party Links

Our Services may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third party websites.

12. Your Rights

Subject to applicable laws, you may have the following rights with respect to your personal data:

(1) You have right to withdraw consent for collection, use, or disclosure of your personal data that is based on your consent at any time. However, if you withdraw your consent, we may not be able to facilitate, communicate or provide some or all of our Services to you;
(2) You can request access to, obtain a copy, of your personal data that we hold about you, and request the disclosure of the acquisition of the personal data obtained without your consent;
(3) You can request us to rectify your personal data to be accurate, up-to-date, complete, and not misleading;
(4) You have a right to request us to provide your personal data or transmit that personal data to another organization;
(5) You have a right to object to us or restrict us from collecting, using, or disclosing your personal data in certain circumstances;
(6) You have a right to request us to erase or destroy or anonymize your personal data in certain circumstances as applicable with law; and
(7) You have right to lodge a complaint with the competent public authority if you believe that we have not complied with law.

You can exercise these rights by contacting us per the details below.


13. Contact Us

If you have any questions about the privacy aspects of our Services, comments, concerns or would like to make a complaint about this Policy, please contact us via the Contact Form or by writing to:

LINE Company (Thailand) Limited
Attn: Privacy Policy
127 Gaysorn Tower, Unit A 17th Floor 
and Unit D, E, F, G, J 18th Floor, Ratchadamri Road 
Lumpini Subdistrict, Pathumwan District Bangkok 10330 Thailand

Data Protection Officer ("DPO")
dpo-thailand@linecorp.com

14. Changes to this Policy

This Policy is current as of the last revised date set out below. We may change this Policy from time to time and will notify you of such change. Where applicable and required, we will ask for your consent for any change that your consent is needed.

Formulated 12 September 2020
Last revision on 11 May 2023