LINE BK Privacy Policy

Latest Update: 20 November 2024

KASIKORN LINE Co., Ltd., its subsidiaries and companies within its business group controlled by KASIKORN LINE Co., Ltd (collectively the “Company”, “we”, “us” or “our”) aim to develop the innovations of products and services for financial services under digital channel. We always place importance on personal data protection and security to ensure that your personal data obtained by us will be used in accordance with the objectives and in compliance with the law. This LINE BK Privacy Policy (this “Policy”) is developed to inform you, as a data subject, of the objectives and details for collection, use and/or disclosure of personal data, including your legal rights.

Please read this Policy carefully to acknowledge and understand the purposes for which we collect, use, and/or disclose your personal data. We may from time to time develop and propose new products and additional services. If such services result in material change to how we collect and process your personal data, we shall inform you of the additional data or provisions or policy accordingly unless otherwise specified. Upon our offer of new or additional services, such services shall be subject to this Policy. If you do not agree with the contents of this Policy, you are able to decide whether or not to use our services.

1. What is the objective of this Policy?

This Policy is developed to inform you, as a data subject, to understand the purposes and details of the collection, use, and/or disclosure of your personal data as well as your legal rights, subject to the applicable laws for the personal data protection, in relevant with personal data in connections with all products and/or services provisions (collectively referred to as the “Services”, “Service”) of the Company, regardless of whether or not such Services are made through the financial services via LINE BK Channel on LINE Application.

2. To whom will this Policy apply?

This Policy shall apply with the following persons:

(1) Individual customers of the Company and;

(2) Individual persons who are not the Company’s customers which means the persons having no Services with the Company, but the Company necessarily requires to collect, use, and/or disclose their personal data, e.g., the persons visiting the Company’s website or accessing the Company’s application or taking the services at the Company’s office, the actual beneficiaries, directors or the lawful representatives of the company using the Company’s Services, professional consultants, including the Company’s directors, investors, and shareholders, and their respective legal representatives, including any persons related to business activities made with the Company.

The persons described in (1) and (2) are collectively referred to as “you”, “your” or “yours”.

At certain times that you can access the Services provided by other providers via the Company’s platform, your personal data shall be entirely processed according to the privacy policy of such provider, therefore, the Company suggests you read and understand the privacy policy of such provider.

3. Which personal data is collected, used, and/or disclosed by us?

3.1 Personal Data means the data which can directly or indirectly identify you (except for the deceased) as follows:

3.2 Sensitive Personal Data means the personal data which is specifically determined by law that represents the actual matters of the person such as information about race, religion, political opinion, criminal record, labor union information, disability, genetic information, sexual behaviour, health information, biometric information (e.g., fingerprint recognition data, face recognition data, iris recognition data, voice recognition data, etc.). We have no policy to collect, use and/or disclose such Sensitive Personal Data from you unless we have been given an explicit consent by you for the purpose of identification and verification and/or for electronic signature while applying for the Services, performing a transaction through our digital channel, online channels, or our call center including any other channel prescribed by us. For our legal rights as permitted by law (e.g. establishment, defense, compliance with or exercise of legal claims, for satisfying legal obligations or any actions as prescribed by law) which we are required to collect, use and/or disclose Sensitive Personal Data of you, it shall be undertaken on a case-by-case basis.

(Unless specifically stated otherwise, personal data and Sensitive Personal Data as earlier mentioned shall hereinafter be collectively referred to as “Personal Data”.)

3.3 Personal Data of third parties: If you provide Personal Data of any other third party who is a personnel of Juristic Person and/or who has involvement with you to us, you are responsible for notifying third parties of the details of this Policy and obtaining any required consent from them (where consent is required) and you must also ensure that we can lawfully collect, use, and/or disclose those third parties' Personal Data as set out in this Policy. The example of activities we receive third parties Personal Data involved to you includes authorized persons, the assignee of the power of attorney, guarantors, joint account holders, beneficiaries, contact person for debt collection, insurance premium payer, trustee, contact person, reference person, emergency contact person, family members, and/or any other person per document of your transaction, third parties’ customers, or in case you request us to disclose Personal Data of others to third parties etc.

3.4 Personal Data of minors, incompetent or quasi - incompetent persons: The Company has no intention to collect, use and/or disclose Personal Data of minors, the incompetent or quasi - incompetent persons, unless consent from the guardian, the appointed guardian, or the appointed curator (as the case may be) is given to the Company. If the Company discovers that the collection, use and/or disclosure of Personal Data of minors, the incompetent or quasi - incompetent persons is undertaken without consent from the guardian, the appointed guardian or the appointed curator (as the case may be), the Company shall delete or destroy such Personal Data, or collect, use and/or disclose such Personal Data only for the cases where the Company has other lawful bases that required no consent.

While Minors, incompetent or quasi - incompetent persons who lack the legal capacity to perform any legal obligations under any applicable laws shall not be able to use the Company’s Services unless consent given by the guardian, the appointed guardian, or the appointed curator (as the case may be) or with relevant legal basis.

4. Channel for Collection of Personal Data

We collect your Personal Data in various ways depending on how the company within our business group has contacted you.

4.1 The Personal Data you have directly provided to us or is in our possession from applying or using our Services, contacting, visiting, or searching through the digital channels, or call center, delegated persons, or any other channels such as website, application, online social network platforms of the Company, e-mail, telephone or mobile phone, post mail, SMS, survey, business card, meetings, trainings, seminars, events, recreations, booth activities, promotional and marketing activities, contact or any other channels.

4.2 The Personal Data obtained or accessed by us from other sources including but not limited to the government entities, National Credit Bureau Co., Ltd., financial institutions, the companies within the Company’s business group, our business partners, companies that jointly issue products and/or services with us, financial consultants, information service providers, our customers, individuals or juristic persons conducting a transaction with us (as you having involvement with such transactions as mentioned above), online social media, online platform of third party, public data sources (such as Government Gazette), a person having legal authority or legal right, any other person or agency with which we have a legal relationship, etc.

5. What are our objectives to collect, use, and disclose Personal Data?

The Company may collect, use, and/or disclose your Personal Data for the following objectives (Some objectives may or may not apply to you, please consider the objectives in accordance with your relationship with us on a case-by-case basis.) including but not limited to;

5.1 To comply with the agreement, you have made with the Company (Contractual basis) such as:

  • To perform any necessary actions upon your request to register and create account for our Services (e.g., LINE BK account);
  • To perform operation related to a contract, agreement, term and/or any other juristic act for use of our Services;
  • To assess and check for accuracy of information as well as evidence and documents, to perform identification and verification process to enable you to apply for and obtain our Services, to create and verify your electronic signature for the Services provision through the provided channel;
  • To verify your log in credentials for obtaining Services through our website, application or platform including to perform identity check upon receiving of your request or instruction;
  • To approve your request for any of our Service provision such as account opening, granting the loan, payment for insurance policy, etc.;
  • To perform any necessary actions to ensure undisturbed and smooth Services (including but not limited to processing, outsourcing, assigning rights and/or duties, software upgrade, and service improvement);
  • To contact and/or notify you of the important information and to contact you as the Company deems appropriate such as documents servicing, notification, or debt collection;
  • To perform any other activities necessary to provide the Services or to complete the Services as your request.
  • To perform activities related to the transfer of claims, including the transfer or sale of debt from debtors, either in whole or in part, to the assignee. 

5.2 To comply with the relevant or applicable laws (Legal obligations), in Thailand or other countries, which are now being enforced, to be amended or to be enforced in the future including any directives, rules, practices, or procedures issued by the legal or regulatory authorities to which the Company is obligated to comply with (including but not limited to responding to the orders or requirements from the regulatory authorities, disclosing information to the regulatory authorities, and accounting audit, in-depth audit, and investigation such as the Bank of Thailand, the Office of Insurance Commission, the Securities and Exchange Commission, the Anti-Money Laundering Office, Electronic Transactions Development Agency, the Revenue Department, or upon the receipt of the subpoenas, writ of attachment from public agencies or court, etc.).

5.3 To obtain the Company’s legitimate interests not exceeding the extent reasonably anticipated by you as follows:

  • To prevent the occurrence of any fraud or unauthorized acts while using the Services;
  • To prevent, detect, analyse, and manage information technology and communication system to mitigate potential risk arise from information technology and cyber threats;
  • To prevent, detect, analyse, and manage the potential risks related to law violation or suspicious transaction (e.g. bankruptcy, fraud, corruption, money laundering, terrorism and proliferation of weapon of mass destruction financing, offences related to intellectual property, life, body, liberty or fame, collecting evidence, audit and reporting in preventing, coping with, and reducing the aforementioned risks;
  • To share or disclose Personal Data to elevate the operational standard of the Company, its affiliates and the companies within its business group in preventing, coping with, and reducing the potential risks arise from business risks (e.g. credit risk or contractual breach), fraud, corruption, any of law violations including information technology risk and cyber threats;
  • To share or disclose Personal Data to elevate the operational standards of the Company, affiliates and the companies within its business group to encompasses strategy formulation, internal management such as performance measurement, reporting, and executive presentations, task delegation for customer care, and improving product and service quality.
  • To perform risk management/internal audit and compliance/internal management such as review of customer credit quality, review of credit limit and interest rate, to reconcile the accuracy of your financial information and transactions of Services
  • To process Personal Data to formulate strategies or create various reports for internal management such as performance reports, dashboards, and reports for internal department and executive presentations.
  • To provide you the customer service and to enable the Company to efficiently respond to your inquiry (including but not limited to complaints handling, customer satisfaction assessment, provision of information regarding the new Services development and/or future Services);
  • To anonymize your personal information (Anonymous Data);
  • To conduct database or record data in the system or database for internal operation process of the Company e.g. customer or applicant database, third-party database;
  • To conduct marketing operations which do not require your consent under the law such as
      (1) Consideration of customer groups for sending invitation to join activities or sales promotion as appropriate
      (2) Submission of the products and/or services offering, privileges for attending activities, events or meeting held by the Company, including facilitating to join activities (such as event registration)
      (3) Offering of products, services and/or privileges that you have requested or providing benefits notifications to you
      (4) Offering of products and/or services of the same type or close to those you are using with the Company or other companies within our business group
      (5) Operating of sales promotional activities (such as provision of benefits and gifts), providing benefits and operations in accordance with customer benefits
  • To collect, analyse, research and/or conduct statistical analysis which do not require your consent under the law in order for development or improvement of our Services provision and Services jointly provided by our business group or our business partners, for improvement of our marketing campaigns and sales schemes for the maximal benefits to you such as to conduct the Company’s performance reports, to conduct reports used in Services’ performance monitoring and assessment, to perform marketing research/analysis, to conduct statistical information, and to study/process/analyse in obtaining models (e.g., credit scoring);
  • To test the new development or improvement of our Services before actual implementation.
  • To provide consultation, advice or any other information relevant to the Services including to perform analysis and assessment of your interests and preferences,
  • To facilitate you during application of the Services either new, re-application or dropping-off such as pre - filling of your Personal Data or notification of application progress.
  • In connections with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documents, obtaining legal opinion and prosecuting) and/or to protect and execute the Company’s contractual and legal rights and obligations;
  • To contact, film, image or voice recording during meetings, trainings, seminars, recreations, or booth activities;
  • To prepare and store important documents of the Company, such as business registration certificate, certificates, shareholder registrations, meeting appointments, minutes of meetings of the Board of Directors or sub-committees or shareholders' meeting;
  • To conduct security and safety measures (such as CCTV recording) within the Company’s area;
  • Parcel or document receipt and delivery.

5.4 Upon the Company’s receiving prior consent from you which the Company cannot apply other lawful basis, the Company will collect, use, and/or disclose the Personal Data as follows:

  • Under the necessary basis, to collect, use and/or disclose your Sensitive Personal Data;
  • To conduct marketing, advertising, and public relations enabling the Company, other companies within its business group, business partners, or other juristic persons, to propose its Services including the special offers relating to you or for other objectives reasonably relating to such objectives;
  • To send news, information, promotion, and marketing information of the Services provided by the Company, other companies within its business group, business partners, or other juristic persons to you;
  • To analyse, research and/or conducting statistical analysis including those for development, improvement of the Services of the Company, other companies within its business group, business partners or other juristic persons that require your consent in accordance with law.
  • To submit or transfer your Personal Data to other countries which insufficient Personal Data protection standards comparing to that of Thailand (except the case of such transferring is otherwise permitted without consent in accordance with the applicable data protection law).

We may request your consent directly or via other companies within our business group, business partners and/or other juristic persons on a case-by-case basis.

5.5 To prevent or suppress a danger to your life, body, or health (Vital Interest), such as:

  (1) To control and prevent contagious or pandemic deceases;
  (2) To contact on emergency purpose; and
  (3) For security and safety within the Company’s area.

If we need to collect, use and/or disclose your Personal Data for execution of or compliance with a contract that you have entered into with us or for our performance of duties under the law and you, upon request, do not provide such necessary Personal Data to us or you have chosen to delete your user account from our website or application or platform, we may not be able to approve or deliver/provide products and/or services, either partly or wholly, for you and it may impact on our performance of duties under the law or your relationship with us.

6. How do we share the information with others?

Under your consent or criteria permitted by law and in compliance with the objectives mentioned in Clause 5, the Company may disclose or transfer your information to the following persons/juristic persons as follows:

(1) The companies within the Company’s business group including but not limited to KASIKORNBANK PCL, the companies within KASIKORNBANK FINANCIAL CONGLOMERATE (the details are available on http://www.kasikornbank.com/financial-conglomerate), LY Corporation and its affiliates including LY Corporation, LINE Financial Corporation and LINE COMPANY (Thailand) Co., Ltd.;

(2) Third-party service providers, sub-contractors, trade partners, or the representatives performing duties on behalf of the Company or to support the provision of our Services to you (“Third-party Service Provider”) where the Company may delegate the Third-party Service Provider to manage the Personal Data collected from you, in whole or in part, to perform service on behalf of the Company with respect to the need of doing such services. In such circumstances, the Company will take steps to ensure that the Third-party Service Provider abides by the applicable laws and regulations, including by adequately assessing the qualifications and eligibility of the Third-party Service Provider, stipulating a confidentiality clause in the relevant agreement with the outsourced contractor, and establishing an appropriate information administration system;

(3) Business partners (e.g., the company who jointly provide the Services, the companies participating in projects with us);

(4) Advisors or experts (e.g., financial auditors, legal advisors, tax advisors or other advisors or experts, as the case may be);

(5) The prospective assignee, assignee or relevant third parties in case the Company may conduct business amalgamation, separation, transfer, or any other actions which may result in the transfer of your Personal Data collected by the Company to any third parties;

(6) Government agencies, regulatory authorities, associations, agencies or any other person as necessary to perform duties under laws or regulations or for law enforcement such as the Bank of Thailand, the Office of Insurance Commission, the Securities and Exchange Commission, the Anti-Money Laundering Office, the Revenue Department, court, police officer, or any other agencies having legal authority or legal rights to issue orders or subpoenas requesting us to disclose or transfer of your Personal Data or properties such as the Legal Execution Department;

(7) Any other third party for the objectives as specified in this Policy.

7. Will we transfer your Personal Data to other countries?

We may need to submit or transfer your Personal Data to other companies within our business group located in other countries, or to other recipients of data, as part of our normal business operation (e.g., foreign trade partners, business partners, online social media service providers or government agencies in other countries) such as sending or transferring Personal Data for storage on cloud platforms or servers located in other countries.

In case the Company is necessarily required to submit or transfer your Personal Data to any third parties located in other countries where the receiving countries do not maintain adequate standard levels of personal data protection as in Thailand, the Company will ensure that the sending and the transferring is in compliance with legal requirements and will put in place the Personal Data protection measures as necessary, appropriate and consistent with confidentiality measures such as requiring such third parties to represent and warrant that the transferred data will be protected by data protection standards which are equivalent to those required in Thailand.

8. The Company’s Use of Cookie

The Company uses Cookies to help collecting your information regarding the use of the Company’s website and application in order to improve the Company’s Services, enable the Company in offering products and services which match to your preferences, provide you the security while using the Company’s website and application, and allow the Company to recognize your device when you return to the Company’s website or application. For more details of the Company’s uses of cookies, purposes of use and management procedure, please refer to the Company’s Cookie Policy available on www.linebk.com/en/privacy-policy/#cookies-policy

9. How long do we retain your Personal Data?

9.1 The Company will retain your Personal Data as long as you are using the Company’s products and/or services or as necessary during the period of the business relationship with the Company, or for as long as necessary in connection with the purpose set out in this Policy or to comply with the applicable laws and regulations or to prove and examine in the vent of dispute within prescription stipulated by law such as the period of 10 years of the date of business relationship dissolution, etc. In this regard, the Company will delete, destroy or anonymize the Personal Data upon the expiry of necessity of such period.

9.2 The Company may retain your Personal Data upon the following reasonable necessities:

  • To comply with the applicable laws and regulations or legal duties;
  • To support the Company’s products and/or services that you use;
  • To settle the existing disputes or disputes occurred during the applicable period or;
  • To detect and prevent unauthorized, fraudulent, or unlawful use of Services.

10. How do we take the security measure to protect your Personal Data?

The Company shall apply technical, administrative, and physical safeguard measures for safekeeping of your Personal Data in order to maintain confidentiality, accuracy, completeness, and availability of Personal Data to prevent damage, unauthorized or illegitimate access, collection, revision, rectification, use and/or disclosure of Personal Data in accordance with legal requirements.

11. How does the Company maintain the quality of information?

The Company has set the procedure to ensure your Personal Data and your service information is reliable, accurate and update with the standard in comparable to the industry. In addition, the Company has the procedure to manage the incorrect information in order to verify/revise in response to your request.

In the case that LY Corporation or KASIKORNBANK PCL sends your Personal Data to the Company with your prior consent, and such Personal Data is not consistent with the existing Personal Data in the Company’s current possession, the Company may in its sole discretion to replace or correct its existing records using the newly acquired information from LY Corporation or KASIKORNBANK PCL for accuracy, update and consistency.

12. What are your rights related to your Personal Data?

Your rights under this item are legal rights that you should be aware of. You can exercise your rights as stipulated by law and this Policy currently available or to be amended in the future, including criteria determined by the Company.

12.1 Right to withdraw consent

You are entitled to withdraw your consent previously given to the Company for collection, use, and/or disclosure of your Personal Data at any time except that such right of withdrawal is limited under the applicable laws or the agreements you have obliged with the Company or other service providers under the LINE BK Channel.

12.2 Right to object

You are entitled to object the collection, using, and/or disclosing of your Personal Data as follows:

(1) For information collected from necessity for public interest of the Company or necessity for legitimate interest of the Company except for that the Company can demonstrate more importance of legitimate interest or establishing legal claims, complying with laws, raising legal excuse, or to defend legal proceedings, depending on a case by case basis.

(2) For collection, use and/or disclosure of Personal Data for products or services offering, and special direct marketing offers.

(3) For collection, use and/or disclosure of Personal Data for the purpose of research and statistical analysis, data assessment, except for necessity to accomplish the Company’s public interest tasks.

12.3 Right to access information

(1) You have the right to access, view and request a copy of your Personal Data from the Company which the Company has collected from the use of the Company’s Services.

(2) In the case that you request to access your Personal Data (including copies of your Personal Data) that you are unable to confirm/access the Services via the LINE BK Channel, the Company may impose you a service fee for the disclosure procedures.

12.4 Right to rectify information

You have the right to confirm, add, or rectify your Personal Data registered for the use of the Company’s Services at any time to be accurate, updated, complete and not misleading.

12.5 Right to data portability

You have the right to obtain your Personal Data from the Company in the case the Company has prepared such information in readable format or usable by any automated equipment or device capable of using or disclosing automatically including but not limited to transfer of such information format to another data controller unless not technically feasible. Your aforementioned Personal Data must be that under your consent granted to us to collect, use and/or disclose, or must be Personal Data that we are required to collect, use and/or disclose to allow you to use our products/services in accordance with your intention wherein you are a contract party with the Company, or to undertake operations per your request before using the Company’s Services, or it must be other Personal Data as determined by competent authorities.

12.6 Right to erasure

If you have discovered that your Personal Data registered with the Company has been changed or is incorrect, you have the right to request the Company to erase or discontinue collecting, processing, or using your Personal Data unless the Company is allowed to continue to keep, process, use and/or disclose your Personal Data as permitted by the applicable laws and regulations.

In addition, you have the right to request the Company to erase or destroy or anonymize your Personal Data in the following cases:

(1) When the Personal Data is unnecessary for retention in accordance with the purpose of collection, use, and/or disclosure;

(2) When you, as the data subject, have withdrawn consent for collection/use or disclosure of Personal Data and the Company has no legitimate interest to collect, use and/or disclose Personal data;

(3) When you, as the data subject, objects on such collection/use or disclosure of your Personal Data as the Personal Data is no longer necessary for collection/use and/or disclosure under the purpose given or for direct marketing;

(4) When the Personal Data is collected, used and/or disclosed unlawfully.

12.7 Right to restrict processing

You have the right to request the Company to suspend processing of your Personal Data under the following cases:

(1) During the Company investigation pursuant to your request;

(2) Personal Data which must be erased or destroyed because it is unlawfully collected, used, and/or disclosed but you request for suspension instead;

(3) When the Personal Data is no longer required retain information in accordance with the purpose of collection, but you have requested to retain for the purposes of establishing the legal claims, complying with laws, raising legal excuse, or to defend a legal proceeding;

(4) When the Company is proving that the Company’s legitimate interest is more important or establishing legal claims, complying with or raising excuse against legal claim after your objection to the collection, use, and/or disclosure.

12.8 Right to lodge complaint

You are entitled to lodge a complaint to relevant competent authorities if you believe that the collection, use and/or disclosure of your Personal Data violates or does not comply with applicable laws.

In this regard, your rights set forth above limit to the Personal Data you provided to us but not include the data where we have created for internal use. We may not be able to respond to your request if such collection, use, and/or disclosure is necessary to comply with the relevant laws or for our legitimate interest.

The Company may take within 30 days processing time to complete the request after receiving all necessary information from you. For revoking of your product/service offering consent, the Company may take within 7 days processing time to complete the request after receiving all necessary information. In some cases, the processing time can be changed subject to the complication and size of the request or subject to the force majeure event.

13. Withdrawal from the Services

13.1 If you decide to terminate the use of all the Company’s products and services, all information (including but not limited to Personal Data) relating to you will be handled in accordance with the applicable laws and regulations, this Policy, and the Company’s other policies. However, such termination shall not be deemed as the withdrawal of consent the Company’s use and disclosure such information unless otherwise specified in writing.

13.2 If you withdraw your consent to any or all use of your Personal Data, depending on the nature of the request, the Company may no longer be in the position to continually provide you the Services or unable to administer any contractual or legal relationship in place, which in turn may also results in the termination of any agreements made with the Company, and you are deemed committing a breach of contractual obligations or undertakings. The Company’s legal rights and remedies in such event are explicitly reserved.

14. Modification to this Privacy Policy

We amend the LINE BK Privacy Policy from time to time. We will notify you upon any important changes we have made via LINE Application, our website via www.linebk.com/en/privacy-policy, or by other reasonable means.

15. Information Channel

If you have any inquiries or a request to exercise your rights relevant to your Personal Data collected, used, and/or disclosed by the Company, you may contact the Company and/or the Data Protection Officer via the following channel:

You can request to exercise data subject rights or inform about issues related to your Personal Data via our form at https://www.linebk.com/en/notices/detail/pdpa-form

16. Language

This Policy is made in both Thai and English versions. If there is any discrepancy between both two versions, the Thai version shall prevail.

 

 


LINE BK Privacy Policy Addendum

Latest Update: 20 November 2024

To support the LINE BK channel service and any financial services provided by KASIKORN LINE Company Limited and the companies under its control (collectively the "Company"), whether or not such services are account based (the “Service”), LY Corporation (“LY,” “we,” “us,” or “our”) has adopted this LINE BK Privacy Policy Addendum to LY Corporation Privacy Policy to explain our handling of the additional information obtained, used, or shared by LY. The LINE BK Privacy Policy Addendum supplements the provisions of LINE BK Privacy Policy, which remain in effect and apply equally to the additional items of information described in this Addendum.

Information Shared by LY to the Company

You agree that in order to provide and facilitate the Service, to provide customer support with respect to the Service, to prevent unauthorized use of the Service including to prevent, detect, analyse, and manage the potential risks arise from business risks of the Company (e.g. fraud, information security risk, cyber threats or any potential law violations), to enhance and/or develop better Service based on data analytics, research, and statistical analysis, to update your contact information in supporting the Company’s debt collection activities and offering special debt relief programs, LY may provide the personal information that collected and generated by LY to the Company, subject to the applicable laws for the personal data protection, to the necessary extent of providing the Service which is described in LINE BK Privacy Policy.

When you submit a correction request to LY requesting that LY updates your personal information in our records according to the information submitted, LY collects such personal information for the purpose of updating our records. LY also automatically shares such personal information with the Company for the purpose of updating the Company records, so as to provide the Service and to ensure a seamless user experience.

Your Rights

If you have any inquiries or a request to exercise your rights relevant to your Personal Data shared by the LY and its affiliates, you may contact the Company via our form at https://www.linebk.com/en/notices/detail/pdpa-form. We will respond to your requests within a reasonable period of time after verifying your identity in accordance with the applicable laws.

Information Shared by the Company to LY

Please refer to the LINE BK Privacy Policy for details on the information shared by the Company to LY.

Changes to the LINE BK Addendum

We may amend the LINE BK Privacy Policy Addendum from time to time to reflect changes to the LINE BK service and relevant law and regulation. We will let you know when we make any important changes to the LINE BK Privacy Policy Addendum via the LINE application or by other reasonable means. You can always access LINE BK Privacy Policy and LINE BK Privacy Policy Addendum at www.linebk.com/en/privacy-policy

The last time we updated the LINE BK Privacy Policy Addendum was 20 November 2024.

 

 


LINE BK Cookies Policy

Latest Update: 1 April 2024

KASIKORN LINE Co., Ltd., its respective subsidiaries, and the entities under its control (collectively the “Company,” “we,” “us,” “our”) may use cookies or other similar technologies (“Cookies”) on our websites and/or applications to help you receive better experiences from our service and allows us to improve quality of services to better serve your needs. We developed this Cookies Policy to inform you which may be amended from time to time.

1. What are Cookies?

Cookies are small text files that are placed on your computer, your mobile phone, or your device (collectively the “Device”) by the Company website/application that you visit. The term Cookies throughout this policy covers a range of similar technologies such as Pixel-tag (transparent graphic images placed on website/application), mobile device identifiers, or web storage used in Devices’ software. They are widely used to make website/application work, or work more efficiently.

2. What type of Cookies the Company use?

The types of Cookies that the Company uses include but not limited to the following:

Third party’s Cookies: In case the Company has connected to external platforms provided by third party such as our business partners, marketing network entities, social network entities, etc., such Cookies shall be processing according to the Cookies Policy of the third party, therefore, the Company suggests you to read and understand the Cookies Policy and the Privacy Policy of such third party provider.

3. How the Company collect and use Cookies

Use of Cookies helps the Company to collect and store your information automatically such as:

  • Internet domain and IP Address
  • the type of browser software and configuration and operating system used to access the website/application;
  • language used when you visit or use the website/application;
  • location or address (subdistrict, district, province, city, state, country) while you visit or use the website/application;
  • device information, model and type
  • the date and time you access the website/application;
  • if you are linked to the website/application from our website/application, the address of that website/application; and the pages you enter, visit and exit the website/application from, content viewed and duration of visits.
  • usage information from our website/applications or other third parties/applications

Your information will be collected and stored as necessary and properly in connection with the purpose set out in this Cookies Policy. The Company will retain the information for 3 years from the latest date you have visited our website/application.

The Company will maintain the appropriate security standard to collect, use and/or disclose your information for the purpose of preventing damage or unauthorized access to your personal information. The Company may disclose your information to our subcontractors, business partners or co-branding partners, and the companies within the Company’s business group for the purpose of our website/application performance monitoring/analysis and advertising only. This disclosure may require sending or transferring your personal data to other countries which shall be in accordance with personal data protection laws.

4. The Company lawful basis

To collect, use and/or disclose your personal information by use of Cookies is from necessity for legitimate interest of the Company or from receiving prior consent from you given to the Company. In this regard, you are free to change your Cookies preferences at any time by clicking on “Cookies setting”.

5. Manage / Disable Cookies

You can change your Cookies preferences any time when you visit our website/application except for “Strictly Necessary Cookies”. You can delete your Cookies from browser history (cache) once you have already exited the Company website/application. To find out more about Cookies, including how to see what Cookies have been set and how to control the use of Cookies, visit www.aboutcookies.org

Please note that Cookies are often used to enable and improve certain functions on the Company’s website/application. If you choose to disable certain Cookies, it may cause certain or all functions of our website/application not to work, operate or access properly thereby affecting the smoothness of your usage of our services.

6. Change of the Policy

This Cookies Policy may be amended or changed as appropriate to comply with regulations. We recommend you to check if you understand such changes. For more information on collection, use and/or disclosure of your Personal Data including your rights relevant to your Personal Data, please visit LINE BK Privacy Policy via www.linebk.com/en/privacy-policy

You can change your cookies setting by clicking here.

 

 


LINE BK Privacy Policy for Applicant and Personnel

Latest Update: 20 November 2024

KASIKORN LINE Co., Ltd., its subsidiaries, and companies within its business group controlled by KASIKORN LINE Co., Ltd (collectively the “Company”, “we”, “us” or “our”) recognize the importance and respect your privacy right to ensure that personal data obtained by us will be used in accordance with the objectives and in compliance with law. This LINE BK Privacy Policy for Applicants and Personnel (this “Policy”) is developed to inform you, as a data subject, of the objectives and details for collection, use and/or disclosure of personal data, including your legal rights

If you do not agree with the contents of this Policy or do not give us your consent to use such necessary information, we may not be able to process our job offer, job application, employment or internship request to you and may not be able to perform certain duties that the Company is obliged to you or may not be able to perform legal duties.

1. What is the Objective of this Policy?

This Policy is developed to inform you, as a data subject, to understand the purposes and details of the collection, use, and/or disclosure of your personal data as well as your legal rights, subject to the applicable laws for the personal data protection, to achieve the objectives of your job application, employment or internship.

2. To whom will this Policy apply?

This Policy shall apply to all applicants and personnel of the Company whether you are, including but not limit to a job applicants and interviewers, directors, advisors, employees or students under our internship program, temporary employees, former employees (e.g. retiree, resigned employee), employees from the outside company, experts, the Company’s workers, including their family members, beneficiaries under welfare programs, emergency contact persons and reference persons, witness and related persons (collectively referred to as “you”, “your” or “yours”).

Your personal data that the Company has collected, used, and/or disclosed, other than that obtained from the process regarding job application, internship or employment shall not be under the scope of the use of this Policy; for instance, your personal data that the Company has collected, used and/or disclosed from using the Company's products or services are not subject to the scope of this policy.

3. Which personal data is collected, used, and/or disclosed by us?

3.1 Personal Data means the data which can directly or indirectly identify you (except for the deceased) as follows:

3.2 Sensitive Personal Data means personal information which is specifically determined by law. We have no intention of collecting your Sensitive Personal Data. In certain cases, however, we may be required to collect Sensitive Personal Data from you for consideration of your employment, action taken under the contract entered into by us with you or for compliance with law. The Sensitive Personal Data includes information about race, religion, political opinion, criminal record, labor union information, disability, genetic information, health information, biometric information (e.g., fingerprint recognition data, face recognition data, etc.). We shall collect, use and/or disclose the Sensitive Personal Data provided that we have been given an explicit consent by you for the purpose as required by this Policy or as permitted by law (e.g. establishment, defense, compliance with or exercise of legal claims, for satisfying legal obligations or any actions as permitted by law) which we are required to collect, use and/or disclose Sensitive Personal Data of you, it shall be undertaken on a case-by-case basis.

(Unless specifically stated otherwise, personal data and Sensitive Personal Data as earlier mentioned shall hereinafter be collectively referred to as “Personal Data”.)

3.3 Personal Data of third parties: If you provide Personal Data of any other third party who is a person related to you or who has involvement with you to us (e.g. your family members, parents, employer, guarantors, joint borrowers, beneficiaries of welfare benefits, emergency contact person and reference person), please inform those persons of the details of this Policy and obtain any required consent from them, if necessary, or apply other legal bases to ensure that we can lawfully collect, use, and/or disclose those third parties' Personal Data as set out in this Policy.

3.4 Personal Data of minors, incompetent or quasi-incompetent persons: The Company has no intention to collect, use and/or disclose Personal Data of minors, the incompetent or quasi-incompetent persons, unless consent from the guardian, the appointed guardian, or the appointed curator (as the case may be) is given to the Company. If the Company discovers that the collection, use and/or disclosure of Personal Data of minors, the incompetent or quasi - incompetent persons is undertaken without consent from the guardian, the appointed guardian or the appointed curator (as the case may be), the Company shall delete or destroy such Personal Data, or collect, use and/or disclose such Personal Data only for the cases where the Company has other lawful bases that require no consent.

4. Channel for Collection of Personal Data

We collect your Personal Data about you in various ways depending on how the company within our business group has contacted you.

4.1 The Personal Data you have directly provided to us or is in our possession from process in accordance with job application, recruitment, during employment or internship including the information received from any communication channels such as direct contacting, websites, social network platforms, e-mail, telephone or mobile phone, post mail, or any other channels.

4.2 The Personal Data obtained or accessed by us from other sources including but not limited to the government entities, financial institutions, the companies within the Company’s business group, business partners, recruitment agents, recruitment website/application, online social media, information service provider, online platform of third party, public data sources, consultants, a person having legal authority or legal right, any other person or agency with which we have a legal relationship, your contact person, etc.

5. What are our objectives to collect, use, and disclose Personal Data?

The Company may collect, use, and disclose your Personal Data in accordance with your relationship with us for job recruitment, internship, providing benefits to you during your employment or for any purposes including but not limited to;

5.1 To comply with the agreement, you have made with the Company (Contractual basis) such as:

  • To perform necessary action in accordance with the applicant screening process (e.g., evaluating applicant qualifications, eligibility, qualification and performance, conducting an interview, etc.);
  • To conduct background checks and screening, to check your information against blacklist in compliance with applicable law including health check, criminal record check or background check from your reference person;
  • To check of data and document accuracy, identification and verification;
  • To perform operation related to the probationary contract, employment contract, internship contract or the contract to which you are a party and in compliance with human resource management policy and related orders of the Company;
  • To arrange of welfare or other benefits such as consideration, allocation, and payment of salaries, employee entitlements and welfare such as tax deductions, submission of information related to social security, submission of information and deductions for provident fund contributions, disbursement of advances, group insurance, travel insurance, and organization of annual health check-ups, etc.;
  • To implement various processes and procedures related to resignation and termination of employment such as severance pay and special compensation, post-termination benefits, etc;
  • To disclose to customers, partners or other parties due to rights and duties under the employment contract.

5.2 To comply with the relevant or applicable laws (Legal obligations), in Thailand or other countries, which are now being enforced, to be amended or to be enforced in the future including any directives, rules, practices, or procedures issued by the legal or regulatory authorities to which the Company is obligated to comply with such as the Personal Data Protection Act, Civil and Commercial Code, labor protection law, social security law, workmen’s compensation law, labor relations law, provident fund law, taxation law, bankruptcy law, anti-money laundering law, law pertaining to Anti-Money Laundering, Combating the Financing of Terrorism and the Proliferation of Weapons of Mass Destruction, computer law, and other laws with which the Company is required to comply, including responding to the orders or requirements from the regulatory authorities, disclosing or transferring information to the regulatory authorities, in-depth audit, and investigation, or upon the receipt of the subpoenas, writ of attachment from public agencies or court, etc.).

5.3 To obtain the Company’s legitimate interests not exceeding the extent reasonably anticipated by you as follows:

  • To perform employee recruitment process e.g. submitting applicant information or reports, interviewing and decision making, processing for employment contract preparation, etc.
  • To perform internal management including but not limited to human resource management, for example, arrangement of employee database and profiles, to provide employee ID, to evaluate your performance through performance reports, to manage on probation, promotion or job transfer, provision of welfare and compensation, issuing letter of certificates, personnel management (e.g., record of working hours, leave or absence, and etc.), post-employment management, process for certain positions’ qualification, inspection of conflicts of interest for certain positions/executives
  • To prepare and store important documents of the Company, such as business registration certificate, certificates, shareholder registrations, meeting appointments, minutes of meetings of the Board of Directors or sub-committees or shareholders' meeting;
  • To prevent, detect, analyse, and manage information technology and communication system to mitigate potential risk arising information technology and cyber threats, examination of data related to the use of electronic equipment in order to enhance work efficiency or examine job performance or to protect confidential information of the Company;
  • To prevent, detect, analyse and manage the potential risks related to law violation or suspicious transaction or complaint handling within or outside the Company (e.g. bankruptcy, fraud, corruption, money laundering, terrorism and proliferation of weapon of mass destruction financing, offences related to property, life, body, liberty or fame in preventing, coping with, and reducing the aforementioned risks);
  • To perform employee relationship management, arrangement of activities, employee feedback and engagement surveys;
  • To enhance employee’s capability and skill such as training, seminar, and knowledge certification;
  • To test the new development or improvement of our Services before actual implementation.
  • To analyse, research, preparation of statistical data and reports for internal use and submission to external agencies;
  • To anonymize your Personal Data (Anonymous Data);
  • To conduct security and safety measures (such as CCTV recording) within the Company’s area;
  • To share or disclose Personal Data to elevate the operational standard of the Company, its affiliates and the companies within its business group in preventing, coping with, and reducing the potential risks arising from business risks, fraud, corruption, any of law violations including information technology risk and cyber threats;
  • To contact, film, image capture or voice record during meetings, trainings, seminars, recreations, or booth activities;
  • Parcel or document receipt and delivery;
  • Other operations of the Company e.g., assignments to the Company’s representatives, advertising, arrangement of advertisement, media and corporate communications.

5.4 Upon the Company’s receiving prior consent from you which the Company cannot apply other lawful basis, the Company will collect, use, and/or disclose the Personal Data as follows:

  • Under the necessary basis, to collect, use or disclose your Sensitive Personal Data;
  • To submit or transfer your Personal Data to other countries which insufficient Personal Data protection standards compared to that of Thailand (except the case of such transferring is otherwise permitted in accordance with the applicable data protection law).

For the objectives other than the abovementioned which require your consent, the Company shall request your consent on a case-by-case basis.

5.5 To prevent or suppress a danger to your life, body, or health (Vital Interest), such as:

(1) To control and prevent contagious or pandemic deceases;
(2) To contact on emergency purpose; and
(3) For security and safety within the Company’s area.

6. How do we share the information with others?

Under your consent or criteria permitted by law and in compliance with the objectives mentioned in Clause 5, the Company may disclose such information by transferring or submitting your information to the following persons/juristic persons as follows:

(1) The companies within the Company’s business group including but not limited to KASIKORNBANK PCL, the companies within KASIKORNBANK FINANCIAL CONGLOMERATE, LY Corporation and its affiliates including LY Corporation, LINE Financial Corporation and LINE COMPANY (Thailand) Co., Ltd.

(2) Third-party service providers, sub-contractors, trade partners, or the representatives performing duties on behalf of the Company or to support the provision of our operations to you (“Third-party Service Provider”) where the Company may delegate the Third-party Service Provider to manage the Personal Data collected from you, in whole or in part, to perform service on behalf of the Company with respect to the need of doing such services. In such circumstances, the Company will take steps to ensure that the Third-party Service Provider abides by the applicable laws and regulations, including by adequately assessing the qualifications and eligibility of the Third-party Service Provider, stipulating a confidentiality clause in the relevant agreement with the outsourced contractor, and establishing an appropriate information administration system;

(3) Business partners (e.g., the company who jointly provide the Services, the companies participating in projects with us);

(4) Advisors or experts (e.g., financial auditors, legal advisors, tax advisors or other advisors or experts, human resource advisors, as the case may be);

(5) The prospective assignee, assignee or relevant third parties in case the Company may conduct business amalgamation, separation, transfer, or any other actions which may result in the transfer of your Personal Data collected by the Company to any third parties;

(6) Government agencies, regulatory authorities, associations, agencies or any other person as necessary to perform duties under laws or regulations or for law enforcement such as the Bank of Thailand, the Office of Insurance Commission, the Securities and Exchange Commission, the Anti-Money Laundering Office, the Revenue Department, court, police officer, or any other agencies having legal authority or legal rights to issue orders or subpoenas requesting us to transfer of your Personal Data or properties such as the Legal Execution Department;

(7) Any other third party for the objectives as specified in this Policy or per your request.

7. Will we transfer your Personal Data to other countries?

We may need to submit or transfer your Personal Data to other companies within our business group located in other countries, or to other recipients of data, as part of our normal business operation (e.g., foreign trade partners, business partners, online social media service providers or government agencies in other countries) such as sending or transferring Personal Data for storing on cloud platforms or servers located in other countries.

In case the Company is necessarily required to submit or transfer your Personal Data to any third parties located in other countries where the receiving countries do not maintain adequate standard levels of personal data protection as in Thailand, the Company will ensure that the sending and the transferring are in compliance with legal requirements and will put in place the personal data protection measures as necessary, appropriate and in consistent with confidentiality measures such as requiring such third parties to represent and warrant that the transferred data will be protected by data protection standards which are equivalent to those required in Thailand.

8. How long do we retain your Personal Data?

The Company will safeguard your Personal during the period in which you are our applicants, personnel or have another relationship with us, or for as long as necessary in connection with the purpose set out in this Policy or to comply with the applicable laws and regulations or to prove and examining in the vent of dispute within prescription stipulated by law for example:

8.1 Unqualified job applicant: Your Personal Data will be kept and safeguarded for one year as evidence to prove that the job screening process has been undertaken by the Company with fairness and for further consideration of matching your application with other job positions available in the future

8.2 Other employee/personnel: Your Personal Data will be kept and safeguarded in accordance with labor laws and other applicable laws for the purpose of proof and investigation, in case there is any dispute arising within the statute of limitation period set by applicable law, which shall, however, be no more than 10 years.

We will undertake operations through appropriate steps to delete or destroy Personal Data or make it anonymous when it is no longer necessary or the said period ends.

9. How do we take the security measure to protect your Personal Data?

The Company shall apply technical, administrative, and physical safeguard measures for safekeeping of your Personal Data in order to maintain confidentiality, accuracy, completeness, and availability of Personal Data to prevent damage, unauthorized or illegitimate access, collection, revision, rectification, use and / or disclosure of Personal Data in accordance with legal requirements.

10. What are your rights related to your Personal Data?

Your rights under this item are legal rights that you should be aware of. You can exercise your rights as stipulated by law and this Policy currently available or to be amended in the future, including criteria determined by the Company.

10.1 Right to withdraw consent

You are entitled to withdraw the consent that you have previously given to the Company to collect, use and/or disclose your Personal Data (whether such consent has been given prior to or after the personal data protection law is enforced), at any time during which your Personal Data is held by the Company, unless there is right restriction by law or there is a contract which is beneficial to you which remains valid.

However, the withdrawal of your consent related to and required for the service request may prevent us from complying with the contract or providing services/benefits/welfares to you, or may cause the transaction or any other related activities to be suspended or temporarily discontinued. For your own benefit, you should determine and inquire about the potential impacts before deciding to withdraw your consent.

10.2 Right to object

You are entitled to lodge an objection to the collection, use or disclosure of your Personal Data at any time. If the collection, use or disclosure of your Personal Data, to which you lodge an objection, is undertaken under legitimate interest of the Company or any person or any juristic person, or for public benefit, we shall continue to collect, use and/or disclose your Personal Data only if the Company can provide legal reasons that the collection, use and/or disclosure of your Personal Data is sufficiently important, or is undertaken for the establishment, defense, use of, or compliance with, the rights to claim in accordance with applicable law, as the case may be.

10.3 Right to access information

You are entitled to have access to your Personal Data under our responsibility and to request us to provide you duplication of your Personal Data and inform you of how your Personal Data has been obtained.

10.4 Right to rectify information

You are entitled to rectify your Personal Data to keep it accurate, updated, complete and not misleading.

10.5 Right to data portability

You are entitled to request your Personal Data which has been processed by us to be in a format that can be read or used in general with an automated device or equipment, and can be used or disclosed via automated methods. You are also entitled to request us to send or transfer your Personal Data of said format to other data controllers if it can be processed via automated method, and to request Personal Data of said format which is directly sent or transferred by us to other data controllers, unless it cannot be processed due to technical difficulties. Your aforementioned Personal Data must be Personal Data that you have granted consent to us to collect, use and/or disclose or must be Personal Data that we need to collect, use and/or disclose to allow you to use our products/services in accordance with your intention wherein you are a contract party with us or for undertaking operations per your request before using our products/services, or must be other Personal Data as determined by competent authorities.

10.6 Right to erasure

You are entitled to request us to delete or destroy your Personal Data or make it anonymous if you believe that your Personal Data has been collected, used and / or disclosed illegitimately, which is not in compliance with applicable laws or if you deem that it is no longer necessary for the Company to keep your Personal Data under the objectives of this Policy or when you exercise your right to withdraw consent or your right to object as mentioned earlier.

10.7 Right to restrict processing

You are entitled to request us to suspend the use of Personal Data if we are conducting an investigation per your request to exercise your right to rectification or right to object, or for any other case wherein it is no longer necessary for the Company to keep your Personal Data and we must delete or destroy your Personal Data in accordance with applicable laws, but you have sought to request us to suspend the use of your Personal Data instead.

10.8 Right to lodge complaint

You are entitled to lodge a complaint to relevant competent authorities if you believe that the collection, use and disclosure of your Personal Data violates or does not comply with applicable laws.

Exercising the aforementioned rights may be restricted by applicable laws, and, in certain cases, there may be compelling reasons that may cause the Company to deny your request or may prevent the Company from complying with your request such as for in compliance with laws or court orders, for the public benefit, exercising the aforementioned rights may potentially violate other persons’ rights or freedoms, etc. If the Company denies aforementioned request, the Company shall give you the reason for such denial.

The Company may take at least 30 days processing time to complete the request after receiving all necessary information from you. For revoking of your Product/Service offering consent, the Company may take within 7 days processing time to complete the request after receiving all necessary information. In some cases, the processing time can vary depending on the complication and size of the request or subject to the force majeure event.

11. Modification to this Policy

We amend LINE BK Privacy Policy for Applicant and Personnel from time to time. We will notify you upon any important changes we have made via LINE Application, our website via www.linebk.com/en/privacy-policy/#privacy-policy-personnel, or by other reasonable means.

12. Information Channel

If you have any inquiries or a request to exercise your rights relevant to your Personal Data collected, used, and disclosed by the Company, you may contact the Company and/or the Data Protection Officer via the following channel:

13. Language

This Privacy Policy is made in both Thai and English versions. If there is any discrepancy between both two versions, the Thai version shall prevail.

LINE Chat

Go to Top