Skip to content
The LivingOS
Legal

Privacy Policy

The LivingOS Corporation Co., Ltd. · Published 1 December 2024 (Version 2)

The Living OS Corporation Co., Ltd. ("the Company") recognises the importance of protecting personal data. Data protection is part of our social responsibility and is the foundation of trustworthy business relationships with our customers and partners. The Company is therefore committed to complying with personal data protection laws and other relevant regulations.

This policy covers the following categories of data subjects (collectively referred to as "you" or "data subject"):

  • Users of the Company's applications or websites, such as general users or juristic-person staff
  • Owners, residents, or occupants of properties in projects the Company serves
  • Owners or lessors of properties advertised through the Company's applications or websites
  • Persons conducting transactions through the Company's applications or websites
  • Service providers or business partners of the Company, whether as natural persons or representatives of legal entities
  • Employees or contractors of the Company, job applicants, and their families, references, and emergency contacts

11. Personal Data the Company Collects, Uses, and Discloses

Category of personal dataExamples collected
Personal detailsFull name, date of birth, national ID number, passport number, gender, age, nationality, photographs, signature, marital status.
Contact informationAddress, phone number, email, LINE ID, social media accounts.
Transaction and financial dataService history, land title deed copies, house registration copies, bank account numbers, credit card numbers, loan-related information, work permits.
Computer usage dataIP address, user accounts, cookies, application and website access history.
Employee data (sensitive)Religion, health information (blood type, medical history), genetic or biometric data (e.g., fingerprints), sexual behaviour.

22. Purposes and Legal Bases for Collection, Use, and Disclosure

Legal basisActivities / purposes
Legal obligation
  1. To ensure the Company's operations comply with applicable laws (PDPA, tax laws, labour laws, social security laws, court or government agency orders).
  2. To carry out activities under investigation by officials or regulatory agencies.
Contract and performance of contract
  1. To provide services and conduct transactions related to the Company's products or services.
  2. To execute purchase, lease, or other property-related agreements.
  3. To process payments (credit-card data is handled by a third party and is not permanently stored on Company servers).
  4. To verify or identify data subjects accessing services.
  5. To process data-subject requests or complaints.
  6. To register and verify service users.
  7. To register partners, procure goods/services, and conduct financial transactions.
  8. For employment purposes, performance appraisal, payroll, and benefits.
Legitimate interests
  1. To improve and develop the Company's business operations, perform data analysis, and develop new products under an anonymisation process.
  2. For internal operations, website troubleshooting, testing, research, and security.
  3. To investigate and prevent unlawful activities.
  4. To protect the privacy, safety, and property of the Company and its personnel.
  5. For internal investigations or audits.
  6. To maintain internal security and remedy and prevent damage.
  7. To communicate for business purposes with representatives or persons related to the Company's partners.
  8. To communicate with persons associated with employees in urgent situations.
Consent
  1. To present benefits or other services, send offers and promotions, and conduct direct marketing.
  2. To collect, use, and disclose your sensitive personal data.

Note: If you are unable to provide personal data to the Company, operations that require your personal data may be delayed or cannot be carried out.

33. Retention Period

The Company will retain your personal data for as long as you continue to use our services or maintain a relationship with the Company, and will continue to retain it for 10 years after that relationship ends. After that, the Company will delete, destroy, or anonymise your personal data — unless there is a legal necessity or technical reason that justifies longer retention.

44. Disclosure of Personal Data

Access to your personal data is limited to those who have a need-to-know. However, the Company may disclose or transfer data to external parties in the following cases:

  • Third parties required by law — to comply with applicable laws, including orders from government agencies.
  • Related group companies — for marketing purposes, with your consent.
  • Service providers to the Company — such as software providers, payment processors, cloud service providers, lawyers, and legal advisors. The Company requires such providers to maintain appropriate privacy standards.
  • Persons authorised to manage your interests — such as your legal agents or representatives.
  • Persons the Company is instructed by you to disclose your personal data to.

55. Your Rights as a Data Subject

You have the following rights regarding your personal data under the Personal Data Protection Act, subject to the Company's lawful grounds for refusal.

  • Right to withdraw consent

    You may withdraw consent at any time. Withdrawal does not affect processing that occurred before withdrawal.

  • Right of access and to receive a copy

    You may access and obtain a copy of your personal data held by the Company.

  • Right to data portability

    You may request data in a machine-readable format and request that the Company transfer it to third parties.

  • Right to object

    You may object to collection, use, or disclosure of personal data processed under a legitimate interest basis or for direct marketing purposes.

  • Right to erasure

    You may request that the Company delete, destroy, or anonymise your personal data when it is no longer necessary.

  • Right to restriction

    You may request that the Company suspend use of your data, for example while the accuracy is being verified or while your objection is being considered.

  • Right to rectification

    You may request that the Company correct your personal data to be accurate, up-to-date, complete, and not misleading.

  • Right to lodge a complaint

    You may lodge a complaint with the Personal Data Protection Committee or the PDPA Office if the Company does not comply with the law.

The Company will consider and notify you of the outcome of your request within 30 days.

66. Links to External Websites

The Company's website may contain links to third-party websites, which may have different privacy policies from the Company's. Please review the policy of each website before deciding to disclose information. The Company accepts no responsibility for the content, policies, damages, or actions of third-party websites.

77. Amendments to This Privacy Policy

The Company may update, change, or amend this Privacy Policy in the future to ensure appropriateness and alignment with changes in the Company's operations or with amendments to applicable laws.

88. Contact Us

The Living OS Corporation Co., Ltd.

46/8 Rungrojthanakul Building 12B, Floor 6, Ratchadaphisek Road, Huai Khwang, Huai Khwang, Bangkok 10310
www.thelivingos.com
02-481-5234
[email protected]

Data Protection Officer (DPO)

46/8 Rungrojthanakul Building 12B, Floor 6, Ratchadaphisek Road, Huai Khwang, Huai Khwang, Bangkok 10310
[email protected]

This Privacy Policy was published on 1 December 2024 (Version 2).