Rêver Automotive Co., Ltd. (“We”) do recognizes the importance of protecting personal data. Personal data means any personal information that can verify your identity. We, as a data controller in accordance with the Personal Data Protection Act B.E. 2562, hereby create the Personal Data Protection Policy (“Policy”) in order to provide the information for data subject to acknowledge and understand the purpose, principle and security of personal data management. This policy will enforce with our website(s), mobile application(s), showrooms, social networking sites, activities, and other channels that we collect the personal data. Hereby, we, directly and indirectly, collect the personal data by the aforementioned channels or receive the personal data from affiliated companies, subsidiaries or our business partners.

1.PERSONAL DATA

1.1 The definition of personal data

Personal Data means any information relating to a Person, which enables the identification of such Person, whether directly or indirectly.

Sensitive Personal Data means personal information about race, ethnicity, political opinions, cult religion, philosophy, sexual behavior criminal records, medical information, disability information, trade union information, genetic information, biological information (e.g., finger scans, face scanning, etc.) or any other information that affects the data subject in a similar way as announced by the personal data protection committee.

1.2 The collected personal data

1) Personal data such as name titles, name, surname, career, position, workplace, annual income range, education, nationality, birthday, marriage status, information on government-issued cards (such as identity card number, passport number, tax identification number, driver’s license information, etc.) signature, audio recordings or recordings of telephone conversation, photographs, household registration, family information, profile information (such as user name on mobile application or website including the password) and other information.

2) Contact information such as postal address, delivery address, billing address, telephone numbers, maps, location, email address, and other channels through social networking sites.

3) Financial information such as bank account, PromptPay, bank statement, loan, financial contracts details (e.g., amount, contract type, contract status, down payment, balloon, installment, name of guarantor, down payment period, product type, behavior of balloon payment) bank cheque, credit information, financial instrument, deposit, tax amount, balance, outstanding balance, financial statements, affidavit, list of shareholders, other financial information.

4) Vehicle information such as vehicle identification number, license plate number, brand, model, year, color, engine number, vehicle type, mileage, battery, voltage, door, petrol level, brake wear, location and movement data (e.g. time, location, speed), traffic data, environmental data, sensor data (e.g. radar, ultrasonic devices, gestures, sound), car insurance, accidents and car problems records, maintenance records, credit insurance, compulsory insurance and gap insurance, salvage value (residual value), accessories performance, imported car, vehicle registration manual, car pick-up date, car price, next service appointment date or service history, vehicle inspection documents, GPS data and vehicle location, car history report summons and letters from the police and other vehicle-related information

5) Transaction details such as payment details (to you and from you), the date and/or time of payment, payment amount details about requesting a refund date and place of purchase of goods or services, address/date and time of pickup or delivery, service request form, receipt form, recipient's signature, receipts, invoices, transactions, transaction history, location, transaction status, buying preference and other details of the goods and services you purchase, deposit/payment slip, credit card, complaints and claims, expectation date of buying, and balance, including receiving special offers or discounts

6) Other information that we collect, disclose, exchange or obtain, directly or indirectly, such as our business partners, partners, insurance brokers. insurance company, financial institution.

2. PURPOSES OF COLLECTING PERSONAL DATA

2.1 For the compliance with the contract and manage contractual relationships including legal documents that are required to comply with the laws, regulations, terms and conditions for complying with legal duties.

2.2 To acknowledge the problem and be able to solve the problem by means of improving business operations, products and services in a timely and precisely.

2.3 To manage information technology operations, communication system management, information technology security maintaining and inspection, managing business for compliance with requirements, policies and/or internal processes.

2.4 For fraud inspection, various risk assessments as well as to prove your identity by ensuring compliance with the law and other regulations.

2.5 For corporate transactions in the case of sale, transfer or merger, business rehabilitation or other similar cases.

3. PERSONAL DATA EXCHANGE

3.1 We may transfer, share, disclose the personal data to the others or the third party that collects, uses or discloses for the purposes specified under this Policy.

3.2 Service providers, we may share your personal data with service providers or product suppliers, outsourced services in order to be able to provide services such as logistics and transportation service providers, market research and survey services, analytics service, marketing services, advertisements, designs, creation and communication, etc.

During providing the above service, service providers may have access to your personal data, however; we will only provide service providers with necessary information to provide the service by clearly defining the scope of use in the service agreement; and we will request service providers not to use your personal data for other purposes. We ensure that the service providers we work with strictly maintain the security of your personal data as required by law.

3.3 We may transfer your personal data to our business partners to conduct business and provide banking, finance, credit, loans, vehicles, insurance, telecommunications, marketing, retail, wholesale, equipment rentals. including vendors or platform providers with which we may jointly offer goods or services; or own the goods or services that we may offer to you.

4. DATA SECURITY AND DURATION OF COLLECTION

We have defined the measures for controlling access to the personal data and the use of equipment which is safe and appropriate for use, collection disclosure and analysis personal data. Moreover, we also have the measure to limit access to personal data and the use of devices for storing and processing personal data by assigning access rights to the user's data, authorized designated employees to access information including user responsibilities in order to prevent unauthorized access to personal information, disclosure, knowing or illegal copying of personal information. or unauthorized theft of personal data storage or processing devices. We put in place measures for retrospective review of access, change, deletion or transfer of personal data to be consistent with the methods and media used to collect, use or disclose personal information. The period for storing such personal information is appropriate for the purposes set out in this policy. We hereby certify not to store personal information. beyond the period specified by law.

5. LEGAL RIGHTS OF DATA SUBJECT

5.1 Right to access information, data subject is entitled to request access and obtain a copy of personal data referred to the personal data collected under this policy.

5.2 Right to request correction of personal data, data subject is entitled to request us to amend the information to be accurate or up to date for avoidance of confusion or misunderstandings so far.

5.3 Right to complain or object, data subject is entitled to complain about the collection, use, and disclosure of personal data. If we are found to have violated or failed of complying with the law, data subject can also object to the collection, use, transfer, sharing or disclosure of personal information with a request of deleting or further restrict the use of your personal data.

5.4 Right to withdraw consent in case that the data subject has given us consent, the data subject can also revoke their consent to collection, use or disclosure. The withdrawal of consent will not affect the collection, use, or disclosure of personal data of which the data subject has previously given consent.

6. CONTACT US

In case that data subject would like to contact us to exercise the rights of personal data or have any inquiries in relation to this policy, please kindly contact us by the given information below.

Rêver Automotive Co., Ltd., located at No. 865 Siam@Siam Hotel Bldg., 9th Fl., Rama 1 Rd., Wangmai, Pathumwan, Bangkok 10330

Email: dataprivacy@reverautomotive.com

Tel : 02-766-8880