Privacy Policy

This Privacy Policy has been prepared by Chaopraya Mahanakorn Group Public Company Limited and its affiliates (“the Company”).
The Company respects personal rights and places great importance on the protection of its customers’ data. This Privacy Policy is established to inform you of how the Company collects, uses, and discloses your personal information, its purposes, and how it is managed, as well as your legal rights in relation to your data, in accordance with the Personal Data Protection Act.
This Privacy Policy applies to the Company’s services through its website, applications, social media, and other channels for customers and visitors. However, it does not govern employees and job applicants of the Company. By using the Company’s services through various channels or by providing information to the Company, you are deemed to have accepted the Company’s practices as outlined in this Privacy Policy. The Company has a policy to continually develop and improve its services to be modern, efficient, and comply with good governance and relevant laws. Therefore, this Privacy Policy may be updated periodically, and we encourage you to review it regularly to stay informed about the latest privacy practices of the Company.
For your convenience, you can click on the name of each topic to read this Privacy Policy section by section, as follows:

Privacy Policy

  1. From what sources does the Company collect your Personal Data?
  2. Use of Cookies and Other Tracking Technologies
  3. Personal Data Collected by the Company
  4. Duration of Personal Data Collection
  5. Purpose of Personal Data Collection
  6. To whom does the Company disclose information?
  7. Your Rights in Managing Personal Data
  8. Company Information and Data Protection Officer

Section 1 : From what sources does the Company collect your Personal Data?

Personal data is collected directly from you, such as information you provide when registering for services, applying for FINNOMENA membership, account information, or updates you make in your user account. This also includes data from interactions with the Company or its team (e.g., agents), information from other user accounts, product usage and/or services, contact through the website, call center, and other channels, as well as information from participating in activities on the platform, surveys, seminars, and roadshows.
Tracking technology when you use the Company’s website and applications.

Third parties such as:

Section 2 : Use of Cookies and Other Tracking Technologies

The Company uses cookies and other tracking technologies like Google Analytics and Facebook Conversion Tracking to help collect information such as browser type, time spent on online services, visited pages, referenced URLs, language settings, and other computer traffic data. The purpose is security, ease of use of the website, more effective display of information, statistical data collection, and to enhance your browsing experience to meet your needs while using online services. Cookies also help the Company select the most relevant advertising or offers for you and track responses to online advertisements and marketing emails.
You can learn more about the Company’s use of cookies in the Cookies Policy.

Section 3: Personal Data Collected by the Company

Personal information such as name, age, date of birth, gender, marital status, national identification number, passport number, or other government-issued identity information, postal address, workplace, telephone number, email, Line ID, IP address, Cookie ID, browser information, and other device-related data used to access the Company’s website, application, and other communication channels.
Financial information such as bank account numbers, financial history, asset listings, and bank statements.
Transaction information like property bookings and property purchases, including information about products or services you have purchased, used, or considered, or the trends of your purchases or use of products or services.
Internet activity information, applications, or other electronic networks, such as visit history, information collected from cookies, pixel tags, and other tracking technologies.
Sensitive Data: The Company will collect, use, and/or disclose sensitive personal data such as information about race, religion, health information of service users, biometrics, disability, or any other sensitive information that is beneficial in providing services. The Company may collect, use, and/or disclose biometric information such as voice recognition data for the purpose of verifying and confirming the identity of users who apply and/or transact through websites, call centers, or other channels.

Section 4 : Duration of Personal Data Collection

The Company will retain your Personal Data for as long as necessary to fulfill the purposes specified in this Privacy Policy, except in cases where the law requires or permits longer retention. This duration may be approximately 5-10 years or longer as necessary, such as in accordance with the statute of limitations for relevant matters, litigation, or regulatory investigations.

Section 5 : Purpose of Personal Data Collection

To provide services that meet your needs, the Company will use your personal data so you can receive products and/or services that align with your goals under the contract or as requested. This includes:
Approval and/or provision of services such as opening investment accounts, investing, making transactions, buying, selling, and exchanging investment units.
Refusal to provide information to the Company may prevent the provision of products and/or services to you.
To comply with legal duties, the Company collects, uses, and/or discloses personal data in compliance with relevant laws such as securities and exchange laws, tax laws, anti-money laundering laws, computer laws, and bankruptcy laws. This includes data about directors, authorized persons acting on their behalf, representatives of corporate clients, and persons appointed by the court for receivership, among others. The Company must also comply with orders from agencies or authorities with legal power and may need to cooperate in providing information to relevant foreign agencies. Refusal to provide information may prevent the Company from offering products and/or services to you.
For the legitimate interests of the Company or other persons or legal entities, such as:
Security measures: The Company records audio via the Call Center and CCTV at its entrance and exit.
Maintaining customer relationships, such as handling complaints, assessing satisfaction and customer care by the Company’s employees, and periodically communicating or offering products and/or services of the same type that are beneficial to you.
Risk management, auditing, internal management, and preventing illegal acts such as fraud, cyber threats, money laundering, and other laws.
Data security, such as making personal data anonymous (Anonymous Data).
Business purposes: The Company collects personal data for statistical analysis or public relations, such as photo and audio recordings in meetings, training sessions, recreational activities, or booths.
Refusal to provide information may prevent the Company from serving you as efficiently as it should.
To allow you to benefit from products and/or services as you have consented, for example, to provide better products and/or services according to your needs, to offer you special benefits, advice, and news, and to participate in special events, etc.
Refusal to provide information may prevent the Company from serving you as efficiently as it should.

Section 6: To whom does the Company disclose information?

The Company will not disclose personal information to any party without your prior consent. However, for the efficiency of the service or to comply with the law, the Company may disclose your Personal Data to the following parties:
All Personal Data received from you will be stored in a data center (Cloud) of third-party data processing service providers with servers located in Thailand and abroad. The transfer of the Company’s customers’ personal data to such external data processing providers is intended to ensure safe storage, backup, data retrieval, and service provision. The Company thoroughly examines and selects service providers and has agreements on data security measures and data processing scope with relevant providers. By providing personal data to the Company, you consent to the cross-border transfer and storage of your Personal Data abroad for the purposes above.
However, suppose you believe that any party to whom the Company discloses the personal data of service users as above has used the User’s personal information for purposes other than as specified by the Company. In that case, you may notify the Company as set out in this Privacy Policy to proceed with relevant matters.
Additionally, the Company may be required to disclose the personal data of service users to comply with the law, such as disclosing information to government agencies, state agencies, service oversight agencies, or regulatory bodies. This includes cases where requests for disclosure are made under legal authority, such as requests for information for prosecution or legal proceedings or requests from private entities or other third parties involved in legal proceedings. This also includes cases where it is reasonably necessary to enforce the Company’s terms and conditions of use, as well as disclosure of information in the event of organizational restructuring, merger, or disposal. The Company may transfer the User’s personal data, whether in whole or in part, collected by the Company to the relevant companies.

Section 7: Your Rights in Managing Personal Data

Correction or deletion of personal information: You can correct or delete your personal data at any time. You can request a “Personal Data Request Form” to fill out and submit to the Company via [email protected] or Tel: 1172. Deletion of data may prevent users from receiving services from the Company or may cause the service to be as inefficient as it should be.
In the event of a request to delete the User’s personal information from the system or customer database of that Company, the Company will endeavor to the best of its ability to facilitate and process the User’s request, unless it appears that the implementation of the request risks violating the privacy policy of other users, or is contrary to the law, or it is necessary to retain the information as evidence for investigation or legal proceedings, or to comply with the obligations under applicable laws, or to comply with the system’s security policy, or in the event that it is out of practice at the request of the User.
However, even if the Company has acted on the User’s request, such data may still be recorded or copied on the Company’s server or backup system as a backup in the event of a malfunction, defect, or system failure.
Request access and request an electronic copy of personal data: Requesting the disclosure and transfer of personal data to other persons by automated means. Restricting or suppressing use. Refusal of data processing. You can request a “Personal Data Request Form” to fill out and submit to [email protected] or call 1172. Withdrawal of consent: You may withdraw your consent to the Company regarding the processing of specific data or activities. You can contact the Company at any time by using the information listed below.
In addition, if you do not wish to receive information and news from the Company, you can:
Petition: You have the right to complain to the expert committee under the Personal Data Protection Act in the event that the Company or the Personal Data Processor, including employees or contractors of the Company or the Personal Data Processor, violate or fail to comply with the Act or notification issued under the said Act.

Section 8: Company Information and Data Protection Officer

You can contact the Company at the following address:
To ensure effective compliance with the Company’s Privacy Policy, the Company has appointed a Data Protection Officer who will assist with the handling of your Personal Data. If you have any questions or suggestions about the Company’s practices regarding the handling of personal information, please get in touch with us. You can inform the Company via [email protected] or call 1172.
DOWNLOAD CMCWECARE
appstore
googlepay

FOLLOW CMCGROUP
SOCIAL NETWORK

© 2019 Chaopraya Mahanakorn PLC
Terms and Conditions | Privacy Policy