Privacy and Personal Data Protection Policy
Rojukiss International Public Company Limited
Last Updated: 8 July 2025
Rojukiss International Public Company Limited places extreme importance on the privacy and security of personal data of users of the website www.rojukiss.com. The collection, use, and disclosure of any personal data shall be carried out in compliance with the Personal Data Protection Act B.E. 2562 (2019) of Thailand.
To provide users with appropriate, secure, and tailored services, the company only collects the necessary personal data. Such data will be used solely for the purposes specified, in a transparent manner, and based on the explicit consent of the data subject. The company will not coerce or mislead data subjects into providing consent and will not share personal data with any third party without prior consent, unless mandated by law.
In the event that this policy changes, the company will notify users through this website. This policy will take effect on the date stated above.
1. Types of Personal Data Collected
The Company may collect the following categories of your personal data:
- Contact Information: such as full name, address, email address, and phone number
- Account Information: such as username and password
- Usage Data: such as IP address, device type, operating system, and browsing history
- Payment Information: such as credit/debit card numbers (processed by a third-party payment service provider)
- Communication Data: such as records of communication with customer service, including emails
- Survey and Feedback Data: such as responses to questionnaires, opinions, or customer reviews
The company does not collect sensitive personal data unless explicit consent has been obtained in advance or unless permitted by law. Additionally, the company does not knowingly collect data from individuals under the age of 20 or from persons who are legally incompetent, unless explicit consent is provided by a parent, guardian, or legal representative.
2. Sources of Personal Data
Your personal data may be collected through the following channels:
2.1 Use of Website and Online Services:
- Click behavior, visited links, time spent on the website
- Usage across various devices (PCs, mobile phones, tablets)
- Tracking technologies such as cookies, web beacons, or third-party analytics services คุกกี้, เว็บบีคอนส์, หรือบริการวิเคราะห์จากบุคคลที่สาม
Please refer to our Cookie Policy to manage your privacy settings.
2.2 Registration or Subscription:
Via online forms, account creation, or participation in Company-organized activities.
2.3 Communication with the Company:
Such as phone calls, emails, or contact with our customer service center.
2.4 Company’s Social Media and Applications:
Data from your device, such as IP address, system type, browser version, and location information (if permission is granted).
2.5 Third-Party Social Media Platforms:
e.g., Facebook, TikTok — The company may receive data from social platforms you authorize, such as your name, email address, gender, date of birth, profile picture, friend list, etc.
2.6 Authorized Partners or Service Providers:
Including payment processors or logistics providers involved in the Company’s services.
2.7 Consumer Surveys or Feedback:
Including voluntarily provided data for market research or product development purposes.
2.8 User-Generated Content (UGC):User-Generated Content)
Such as images, videos, or text that you post or upload to social media or as part of activities organized by the Company.
The Company will collect and publish such content only upon receiving your explicit consent.
3. Purpose of Collecting and Using Personal DataThe company uses your personal data for the following purposes:
3.1Order Fulfillment
- To process and deliver purchased products
- To notify order status and update delivery information
- To verify identity and payment information
3.2 Communication and Customer Service
- To respond to inquiries and provide updates related to products and services
3.3 Marketing and Promotional Activities
With your consent, the Company may use your personal data to:
- Send promotions, special offers, and updates via email, phone, SMS, or postal mail
- Conduct marketing campaigns or promotional activities on the website and social media platforms
You may withdraw your consent at any time.
3.4 Advertising and Social Media Engagement
- The company may use data derived from your interactions with social media posts, such as “likes” or comments.
- If you do not wish for your data to be used in this manner, please refer to the respective social media platform’s instructions on how to opt out.
3.5 Product Development and Market Research
With your consent, the company will:
- Analyze your behavior, interests, and preferences
- Utilize the data for research and development to better meet consumer needs
3.6 Enhancing User Experience on the WebsiteThe company may use your personal data to:
- Improve the usability of the website and applications
- Customize content and display based on your device
- Display advertisements or content tailored to your interests
- Remember user data such as account information or items in the shopping cart
Such use of data will be based on your consent and can be withdrawn at any time.
3.7 Compliance with Laws and Regulations
The company may disclose personal data when necessary, including but not limited to:
- Compliance with laws or court orders
- Responding to government authorities
- Protecting the rights, safety, or property of the Company or others
- Mergers, acquisitions, or legal transfers of rights
3.8 Security Purposes
- Protect its systems, networks, and infrastructure from unauthorized access, misuse, or attacks. Ensure the safety and security of its employees, customers, and assets. Detect, prevent, and respond to security incidents or breaches. Comply with applicable security standards and regulations
The company processes your personal data
based on the following legal grounds:
- Based on the consent of the data subject
- For the performance of a contract or to take steps at the request of the data subject prior to entering into a contract
- For compliance with legal obligations
- For the legitimate interests of the company, such as ensuring security or internal management, including the retention of tax records related to orders
5. Disclosure of Personal Data
The company may disclose your personal data to external individuals or entities as necessary, as follows:
5.1 Service Providers and Business Partners
To effectively operate the business and provide services, the company may disclose data to external service providers such as order fulfillment, payment processing, identity verification, website maintenance, data analytics, marketing, and customer service. Such service providers are authorized to access personal data only to the extent necessary and must comply with data security and confidentiality requirements.
5.2 Credit Reporting and Debt Collection Agencies
In cases related to credit checks or overdue debt collection, the company may disclose data to legally authorized agencies for the purpose of assessing financial credibility or pursuing debt recovery.
5.3 Third Parties for Marketing Purposes
The Company will not disclose or sell personal data for commercial purposes without your explicit consent. Prior to obtaining consent, the company will inform you of the name of the receiving company.
5.4 Disclosure as Required by Law or in Business Mergers
The Company may disclose personal data as required by law or in the event of a merger, acquisition, or transfer of all or part of its business, in accordance with legal provisions. (Please refer to Section 3.7 for more details.)
6. Retention of Your Personal Data
The Company will retain your personal data only as necessary to achieve the specified purposes and will implement appropriate security measures. The retention periods and disposal methods are as follows:
Data Type
Retention Period
Disposal Method
1. Customer / General Website User Data
- Retained as long as the relationship with the Company exists
- If inactive or account canceled → deleted within 1 year
Request service providers to delete inactive user data over 1 year
2.Transaction Data (Orders, Payments, Tax Invoices)
- Retained for 5 years from the date of purchase for legal audit purposes
Delete data exceeding the retention period
3.Marketing Data (Usage history, Interests)
- Retained as long as there is interaction
- If no activity for 2 years → deleted
Delete data for users inactive for 2 years
4.Subscription Data (Email Newsletters)
- Retained until consent is withdrawn
- If no open or unsubscribed → deleted within 1 year
Delete data with no interaction within the specified period
5.Data in Case of Legal Dispute
- Retained until legal proceedings are concluded
Deleted upon conclusion of legal proceedings
Request for Deletion or Withdrawal of Personal Data
If you wish to request the deletion or withdrawal of your personal data, please proceed as follows:
- Contact the company’s data protection officer or send a clear written request via email stating: “I am the data subject and hereby request the company to delete my personal data from its system.”
- The officer will inform you of the deletion process, including providing a personal data withdrawal form. You will be asked to submit identification documents, such as your national ID number or a copy of your ID card.
- Deleting your data will include the cancellation of your user account.
- In some cases, the Company may be required to retain certain data to comply with legal obligations or contractual duties.
- Please be aware that once the deletion process is completed, you will no longer have access to any data, including your past order history.
7. Disclosure, Storage, and Transfer of Personal Data
7.1 Data Storage Security
The company implements appropriate security measures to protect your personal data from unauthorized access, disclosure, or use. However, the company cannot guarantee security if you voluntarily disclose your information through public channels such as social media or third-party platforms.
7.2 Internal Access to Data
Only authorized personnel of the company may access your personal data for specific purposes. For example, customer service officers may access customer information solely to provide services as part of their duties.
7.3 System Security Measures
Your data is stored in systems with appropriate safeguards to prevent unauthorized access. Nevertheless, the Company is not liable for damages caused by force majeure events such as internet system failures or malicious attacks (e.g., hacking).
7.4 Responsibilities of Data Subjects
Data subjects play a crucial role in safeguarding their user accounts by:
- Using strong passwords and not disclosing them to others
- Avoiding the use of password-saving features on public computers
- Logging out after each session
- Utilizing privacy control features provided by the company via its website or application
7.5 Cross-Border Data Transfers
If your data needs to be transferred internationally, such as storage on cloud systems, the company will comply with the Personal Data Protection Act B.E. 2562 (2019). This may include using international standard contractual clauses or obtaining your consent to ensure your data is adequately protected.
8. Rights of Data Subjects
Data subjects have the following legal rights (unless otherwise specified by applicable law):
- Right to Access: The right to access, review, or request a copy of your personal data in either paper or electronic form.
- Right to Rectification: The right to request correction, update, or amendment of your personal data to ensure accuracy, completeness, and currency.
- Right to Erasure: The right to request deletion or destruction of your personal data when it is no longer necessary to retain it.
- Right to Restrict Processing: You have the right to request a limitation on the use or disclosure of your personal data in certain circumstances.
- Right to Withdraw Consent: You are entitled to withdraw your consent to the processing of your personal data at any time.
- Right to Object: The right to object to the processing of your personal data, particularly for marketing purposes.
Exercising Your Data Subject Rights
If you wish to exercise any of the rights mentioned above, please proceed as follows:
- Contact the Personal Data Protection Officer to request the relevant form for submitting your request in writing. Complete the request form and attach a copy of your national ID card (or equivalent identification document) to verify your identity.
- Submit the completed documents via email to: [[email protected]] or by postal mail to:
Marketing Department (Personal Data Protection Officer)
ROJUKISS INTERNATIONAL PUBLIC COMPANY LIMITED
100/8, 100/51-54 Wongwanich Complex B, 12th & 19th Floors,
Rama 9 Road, Huaykwang Subdistrict, Huaykwang District, Bangkok 10310, Thailand
Note: If the request is submitted by a third party, a legally authorized power of attorney must be attached. Otherwise, the Company reserves the right to reject the request.
9. Changes to This Privacy Notice
The company reserves the right to amend, update, or modify this Privacy Notice at any time to ensure compliance with applicable laws or changes in best practices. We recommend that you periodically review this notice to stay informed about the latest updates to the Company’s privacy policy.
10. Contact Information for the Data Controller and Personal Data Protection Officer
If you have any questions, suggestions, or wish to exercise your rights as a data subject,
please contact us using the following details:
Data Controller
ROJUKISS INTERNATIONAL PUBLIC COMPANY LIMITED
Address:
100/8, 100/51-54 Wongwanich Complex B, 12th & 19th Floors,
Rama 9 Road, Huaykwang Subdistrict, Huaykwang District, Bangkok 10310, Thailand
Phone: +66 2645 1155
Email: [email protected]
The company will investigate any complaints related to personal data management and will take appropriate action within the scope of applicable laws.
