Privacy Notice for the Company’s Customers
CP Axtra Public Company Limited (the “Company”) has been providing a variety of services and sells a wide range of products through its branches and various channels. Additionally, the Company has developed and offers online and digital services that encompass all types of online media, facilitating the provision of information and the ordering of all types of products for its member customers. As the owner of www.lotuss.com, www.cpaxtra.com, www.makro.pro, www.makrohorecaacademy.com, www.มิตรแท้โชว์ห่วย.com and/or other websites to be developed in the future including other applications and online services of the Company (the “Website”), we truly aware of the importance of your personal information and always respect your rights to privacy rights as our service recipient. We therefore want you to be confident that your data is safe and secure with us, and understand how we use it to offer you a better and more personalised shopping experience.
In general, you will be able to visit our Website and review the contents, without the need to provide your personal information. However, you will need to register for an account if you would like to use our services including disclosing or providing your personal information which will be referred to as the “personal information” in order for the Company to process for the purposes of entering into any transactions through our online channels or other channels, such as Website, membership registration, ordering products online or other sales promotions for the members as stipulated under this Privacy Notice, hereinafter referred to as the “Privacy Notice”.
The data controller is the Company.
The Company is committed to properly managing the collection, use, disclosure, and protection of your personal information. This Privacy Notice encompasses:
· Personal information we collect when we interact with you;
· Purposes of collection, use or disclosure
· Disclosure of personal information
· Sending or transfer of personal information to overseas
· Retention period of personal information
· Your rights
· Updating your personal information
· Security measures for your personal information
· Marketing research or communications
· Cookies and similar technologies
· Redirecting to other parties’ websites
· Changes to the Privacy Notice
· Notification of personal Information breach and leakage
· Contact us
We offer a wide range of products and services, so it is significant that you understand what this Privacy Notice covers. This Privacy Notice applies to you if you use our services. Using our Services means:
· shopping with us over the phone, in-store or online at our online shopping websites or any other online systems, platforms and applications owned by the Company or operated by a third party through which our products and services are offered;
· accessing or using any of our websites, online systems, platforms or mobile applications;
· making bill payments through us, for example, paying utility bill, phone and cable bill, and credit card bill at our cashier counters or via other payment channels we operate;
· being a member of Makro or My Lotus’s membership scheme (together as “membership” or “member”);
· applying to be our Business to Business (“B2B") customer; or
· contacting or otherwise interacting with us or our customer service teams about our service.
Group or category of the personal that the Company will collect the personal information
Under this Privacy Notice, group or category of the personal that the Company will collect and process the personal information consists of any personal purchase the product and/or receive the service from the Company and/or other personal performing any similar activities i.e. the personal participates any activity, website, online system and platform or application user, any person who contact to receive the information or service from the Company and the product and/or service survey respondent. Also including any person who might connect with the customer mean any representative of the customer i.e. executive, director, employee, representative or any other who act on the customer behalf (in case the customer is a juristic person or business organisation) and shall include the personal whose personal data is presented through the document using in the transaction i.e. manager, buyer, consignee and payer regardless whether that personal is categorised as the My Lotus’s member, Makro members or others, e.g. B2B customer, both individual or business organisation, who does not have My Lotus’s and/or Makro membership.
Parts of this Privacy Notice also apply if you use our in-store pharmacy services and to our store CCTV systems where they capture footage of you.
Some other parts of our business and other companies in our Group may need to collect and use your personal information to provide you with their products and services and for certain other purposes. In such case, your personal information provided to them will be subject to their relevant privacy notices.
Our Websites, online systems, platforms or Mobile Apps may contain links to other websites operated by other organisations that have their own privacy notices. Please make sure you read the terms and conditions and privacy notices carefully before providing any personal information on a website as we do not accept any responsibility or liability for websites of other organisations.
This Privacy Notice may be replaced or amended from time to time. If we make changes, we will notify such changes or replacement by making them available at our stores, on our Websites or any other appropriate channel available time to time. Please review this Privacy Notice (as updated from time to time) so you understand our how we treat your personal information and your rights regarding the collection, use and disclosure of your personal information.
Your personal information may be collected and stored when you access the Company’s services. Additionally, the Company may obtain certain types of information from other sources, as detailed below:
When you register for our services or apply to be My Lotus’s or Makro member including B2B customer, you may provide us with: |
|
When you shop with us or browse our Websites or use our online systems, platforms, Mobile Apps, we may collect: |
|
When you use our bill payment service, we may collect: |
|
When you use membership to shop with us, or use membership vouchers or coupons, with your consent, we may collect: |
|
When you contact us or we contact you or you take part in promotions, competitions or campaigns, surveys or reviews about our services, we may collect: |
|
When you ask us to fulfil your request relating to tax |
|
Other cases under the Company’s security system, for example, CCTV |
|
When you contact us, our customer service representatives or the customer service representatives which are contracting party of the Company via both online and offline channels. |
|
When you report any incident to us such as in case of lost items, accidents, or illegal acts within the Company’s premises. |
|
If you were already a customer of the Company before the Personal Data Protection Act B.E. 2562 (the “PDPA”) came into effect, the Company will continue to collect and use your personal information that it has previously gathered for the original purposes for which you provided the information, in accordance with the law.
If necessary, the Company may collect your sensitive personal information such as health information, religion, blood type, etc. only with your explicit consent or when permitted by laws.
The information collected from the activities above may be classified into the following types:
Aggregated Data – We try and remove personal information we do not need. If we remove enough personal information is becomes anonymous. This means that you cannot be identified. We might also take data we hold and remove certain information and replace it with other non-identifying information such as ID number or reference number. This is an extra technique we use to protect data. We normally use these techniques to look at large amounts of individuals (such as our membership customers). This includes information that is statistical or demographic data.
Special Category Data – This is special information that the law says is more sensitive (sometimes it is referred to as “sensitive personal data”) and it needs more protection. For the Company, this is principally health information if you use our pharmacy services or we may collect sensitive personal data in other circumstances such as our interactions with you when you are making a complaint to us.
Location Data - In some cases our online systems, platforms or apps might ask for your location information to help better serve you information about your local store or for us to make the correct delivery, you will be made aware at the time if we would collect this data.
Other sources of personal data
We may collect or use personal data from other sources under common control and ownership of the holding company or parent company of the Company but not limited to the Company, Siam Food Services, Lotus’s Money Group, or any affiliates and subsidiaries of such member as well as business entities under Charoen Pokphand Group that engage in the following businesses (a) telecom & media e.g. True Corporation Public Company Limited, True Digital Group Co., Ltd. and affiliates (b) agro-food e.g. Charoen Pokphand Food Public Company Limited and affiliates (c) retail & distribution e.g. CP All Public Company Limited and affiliates (d) e-commerce & digital e.g. Ascend Group Co., Ltd., True Money Co., Ltd. and affiliates (e) property development e.g. C.P. Land Public Company Limited and affiliates. This includes Lotus’s Money Services, Lotus’s General Insurance Broker and Lotus’s Life Insurance Broker (together as “Lotus’s Money”) and affiliates. specialist companies that supply information, online media channels, our Membership Partners and Public Registers. For example, this other personal data helps us to:
· create/manage your Makro and My Lotus’s membership account (including the allocation of membership points or coins as the case may be);
· review and improve the accuracy of the data we hold; and
· improve and measure the effectiveness of our marketing communications, including online advertising.
In addition, we may also collect personal data from and/or disclose the personal data to an authorized online third-party marketplace (e.g. Lazada, Shopee). For example, if you purchase any products offered by the Company store via marketplace website or application, we may collect, use and disclose the personal data you have provided on such marketplace in accordance with the purposes set out in this Privacy Notice.
For your information, Membership Partners refer to an entity or organisation that participates in business activity with the Company, details of which are set out below under heading “Sharing personal data with our partners” and Public Registers refer to your personal data that may be available in any public source which we can use to enrich or validate your personal data.
Any collection of your personal information by relevant employees of the Company or other relevant persons or any actions performed on behalf of the Company which is necessary for providing services and management of our website, including the use of personal information for any undertakings may rely on (1) Consent basis (2) Contractual necessity (i.e. performance of a contract or taking steps at your request before entering into a contract) (3) Legal obligation basis and (4) Legitimate interests basis by which the purposes of collection, use or disclosure of personal information will be as follows:
We use personal data to | Why do we process your personal information in this way? | Legal Basis for using your personal data |
---|---|---|
Make our Services available to you |
Processing your purchase orders and refunds:
Register for identity verification:
Giving customer supports:
Managing marketing or sales activities and communications:
Special offers, promotions and related activities or campaigns
|
Legitimate Interests
|
Accommodate your request in relation to tax | We need to collect and use your personal information to comply with your requests when you ask us, for example, to issue tax invoice or VAT report in case you want to claim tourist tax refund. |
Contractual Necessity and Legal Obligation
for all categories of customers |
Manage your account including your Makro and My Lotus’s membership | Your personal information enables us to comply with the Terms and Conditions which are agreed with you in relation to the orders you made using membership and enable you, as a member, to participate in promotional activities and enjoy other benefits thereunder such as vouchers, reward points redemption, and any other sale promotions. |
Consent Basis |
Manage and improve our day-to-day operations |
• To continually improve the Company’s operations and provide the best service, especially for B2B customers, we may occasionally visit your store. This will enable us to maintain or enhance our B2B customer satisfaction effectively • To manage our Websites, online systems, platforms and Mobile Apps, we use Cookies and similar technologies on our Websites and Mobile Apps to improve your customer experience. For more information about Cookies and how you can disable them, you can find the method publicly available online. • Help to develop and improve our product range, services, stores, information technology systems, know-how and the way we communicate with you, we rely on the use of personal information to carry out market research and internal research and development, and to improve our information technology systems (including security) and our product range, services and stores. This allows us to serve you better as a customer. We also use personal information to improve our customer experience (e.g. substituting products (when we are out of stocks) and fulfilment experience (how we pick / pack / deliver) to customers. • Detect and prevent fraud or other crime, it is important for us to monitor how our services are used to detect and prevent fraud, other crimes and the misuse of services. This helps us to make sure that you can safely use our services. |
• Consent Basis for cookies selection by all categories of customers • Contractual Necessity and Statistical Research for all categories of customers • Legitimate Interests for all categories of customers |
Conduct marketing research and communications |
Developing and improving our product range, services, stores, information technology systems, know-how
Personalising your experience with the Company
|
• Consent Basis
• Contractual Necessity for relevant Customers • Legitimate interest for all categories of Customers |
Marketing PR, advertising and marketing including the Corporate Social Responsibilities (CSR) activities or campaigns |
When you participate in our marketing, advertising and PR, CSR activities or any other campaigns arranged by us including a live streaming or video recording for the above purposes, whether at our stores or other premises, we may use your photograph, footage or photo in order to publish in our online, print and social medias where we will notify you earlier via appropriate means subject to each circumstance. |
Legitimate Interest
|
Customer survey and feedbacks |
From time to time, we may invite you to take part in and manage customer surveys, reviews and other marketing research activities carried out by our Group and by other organisations on our behalf. The objective is mainly to improve our services. However, if we contact you about this, you do not have to take part in the activities. We will respect your choice and this will not affect your ability to use our services including your membership. |
Legitimate Interest and Statistical Research for all categories of Customers |
Detect and prevent fraud or other crime including legal compliance | It is important for us to monitor how our services are used in order to detect and prevent fraud, other crimes and any misuse of services, to conduct ourselves in compliance with the laws, and to verify your identity in connection with the requests you made under this Notice. This helps us to make sure that our legal and regulatory compliance has been addressed and you can safely use our services. |
Legal Obligation and Legitimate Interest |
Contact and interact with you |
• Contact you about our services, for example by phone, SMS, instant messenger (including but not limited to Facebook Messenger), Line, email, post or by responding to social media posts that you have directed at us. We want to serve you better as a customer so we use personal information to provide clarification or assistance in response to your communications • Manage promotions and competitions you take part in, including those we run with our suppliers and Membership Partners. We need to process your personal information so that we can manage the promotions and competitions you choose to enter. |
Legitimate interest
|
Legal Claims | To establish claims, comply with, or exercise legal claims, or to defend against legal claims, resolve disputes involving you or us, including investigating and reporting incidents that occur, and to process claims for compensation under insurance contracts. For example, in cases you have any accident or there is an incident occurs on our premises. |
Legal Obligation and Legitimate Interest |
Comply with the relevant law relating to the operations and other lawful demand of the competent authority or official |
Comply with the regulatory requirement i.e. tax regulations, personal data protection law and a lawful order of the competent authority i.e. Personal Data Protection Commissioner |
Legal Obligation and Legitimate Interest |
Corporate restructure within Group companies |
• To consider, study, analyze and implement the corporate restructuring plan whether within our organisation or within Group, covering the acquisition and sell or transfer of our business regardless of in whole or in part. • To consider, study, analyze and implement the corporate restructuring plan whether within our organisation or within Group, covering the acquisition and sell or transfer of our business regardless of in whole or in part. |
• Legitimate Interest
• Contractual Necessity |
Verify, monitor the safety and security of the individual and Company’s asset |
• In order to protect you, our business, the local community, and colleagues, we record CCTV footage to monitor the safety of our stores and to prevent and detect crime and anti-social behaviour and protect or prevent any damage to life, body and health of the individual. • If you park in our car parks, we may utilise Automatic Number Plate Recognition Technologies (or other technology with the same nature) to identify if your vehicle has complied with our parking rules. Where there is a security or claim incident involving a vehicle, we may use this technology to assist in our investigation into those incidents. |
Legitimate Interest |
Pharmacy |
• To ensure the safe delivery of healthcare services, we need to process your personal data, including your medical information, to ensure we provide you with the highest standard of care or as required by applicable laws. Your prescriptions information will not be used for any other purpose. • By using our pharmacy services and supplying your personal information (including medical and health information), you are deemed to give consent for us to collect, use and disclose such personal information for the purpose under this paragraph |
Consent Basis and Medical Necessity |
In the case where the personal information collected by us as stated above is necessary for the Company’s compliance with applicable laws or performance of contract and you do not provide us with such necessary personal information, the Company may be subject to legal liabilities and/or may not be able to provide you with our products and services and/or may not be able to manage or administer the contract or give any convenience for you.
If the Company needs to collect, use, disclose or perform any processes with your personal information, apart from the purposes mentioned in this Privacy Notice, we will inform such change in the website or publish the notice at the Company’s stores which may require an additional consent from you.
Our Legitimate Interests in using your personal data
Where we have mentioned above our use of your personal data is based on our “legitimate interests”, these are:
• to service our customers’ needs, including delivering our products and services;
• to promote and market our products and services (both our own products and branded goods) for non-membership customer;
• to service your account, manage complaints and resolve any disputes;
• to understand our customers including their patterns, behaviours as well as their likes and dislikes;
• to protect and support our business, colleagues, customers and shareholders;
• to prevent and detect anti-social behaviour, fraud and other crime;
• to test and develop new products and services as well as improve existing ones; and
• to expand and sustain our business operation which would essentially benefit your experience with us
The Company may disclose your personal information to other relevant parties for the purpose that has been stipulated under this Privacy Notice to:
1. Subsidiaries, affiliates and any related companies for purposes of undertaking activities as set out in this Privacy Notice;
2. Agencies, contractors/sub-contractors and/or service providers for their implementation and procedures, for example, carriers, food ordering and delivery service providers, document storage and destruction service providers, printing house, marketing agency, IT development and maintenance service providers, auditors, lawyers, tax and legal advisors, and any consultants;
3. Government authorities, supervisory authorities or other authorities as stipulated by laws, including competent officials;
4. Insurance companies;
5. Our business partners or other third parties as per your consent or relevant contractual requirements or legal requirements, as the case may be.
6. The assignee of the rights, duties, and any benefits from the Company, including any persons who are assigned by the aforesaid assignee to act on its behalf, for example, in the case of organizational restructuring, merger or acquisition, etc.
When you use our services or become Makro or My Lotus’s member, we may share your personal information we collect with other companies in our Group so that they can assist and facilitate us in processing such personal data for any purposes of collection, use and disclosure which are stated in this Notice. These companies include but not limited to:
· Business entities under Charoen Pokphand Group that engage in the following businesses:
(a) telecom & media e.g. True Corporation Public Company Limited, True Digital Group Co., Ltd. and affiliates
(b) agro-food e.g. Charoen Pokphand Food Public Company Limited and affiliates
(c) retail & distribution e.g. CP All Public Company Limited and affiliates
(d) e-commerce & digital e.g. Ascend Group Co., Ltd., True Money Co., Ltd. and affiliates
(e) property development e.g. C.P. Land Public Company Limited and affiliates.
· Business entities in Lotus’s Money Group namely Lotus’s Money Services Ltd., Lotus’s General Insurance Broker Ltd. and Lotus’s Life Insurance Broker Ltd,
In the event you allow us to share your personal data within our Group (i.e. by giving consent for personal data sharing in the Makro or My Lotus’s membership application or at any time you opt in), we may also make your personal data available to other companies within our Group as mentioned above for them to tailor offers and communicate with you in relation to their products, services or any marketing campaign which might be of your interest.
In addition, we may disclose your personal data to other companies in our Group subject to your instruction or data transferring request. For example, you may ask us to share your MyLotus’s membership number with Lotus’s Money in order to link your Lotus’s credit card with My Lotus’s membership number so that you can earn extra points or benefits when you use the credit card to shop with us.
In case of acquisition and sell or corporate restructure of our Group, we may need to disclose your personal information as necessary to other companies within our Group in order to ensure the continuity and efficiency of our services rendered.
When we share personal information with these companies, we require them to keep it safe, and they must not use your personal information for their own marketing purposes.
Membership Partners | We work with a number of Membership Partners who -
We only share personal information that enable our Membership Partners to provide their services. For example, when you shop via online channel, we will give the relevant Membership Partner your name and contact details so that they can deliver your items. |
Merchants |
When you use our bill payment service, we may share your personal data with the transaction parties or other parties involved in processing your transactions including but not limited to Bangkok Bank Plc (BBL). This includes merchants and service providers whose commodities or services are paid through our bill payment service. Sharing of your personal information and the relevant information is necessary for facilitating your bill payment and helping us and other participants resolve disputes, and detect and prevent fraud. |
My Lotus’s Membership Partners | At your request, we may transfer your personal information to our My Lotus’s Membership Partners including but not limited to Charoen Pokphand Seeds Co., Ltd., One Siam, Bangchak and other partners we will have in the future for them to verify your identity and/or adding points to My Lotus’s Membership Partners’ loyalty program according to the specified term and condition and/or facilitate you in converting My Lotus’s membership coins into rewards, points or other benefits you are entitled to from being a member of our My Lotus’s Membership Partners. |
Service Providers, Vendors and Consultants |
We work with carefully selected service providers that carry out certain functions on our behalf. These include, for example, companies that help us with technology services, storing, combining and analysing data, processing payments, provide us with legal, lawyer, external audit or other professional services or expert as well as delivering orders. We only share personal information that enable our service providers to provide their services. Some of the service providers we work with operate online media channels, and they place relevant online advertising for our products and services, as well as those of our suppliers and our Membership Partners, on those online media channels on our behalf. For example, you may see an advert for our products and services as you use a particular social media site or watch television. Examples of our service providers include Facebook, Adobe, Google, Line, Instagram, and Twitter. |
The Company may transfer your personal information to overseas for the purpose as stipulated under this Privacy Notice such as sending personal information to the company which processes personal information on our behalf. Where such disclosure or transfer of your personal information to third parties or affiliated companies located overseas, the Company shall comply with the relevant laws regarding sending or transfer of personal information to overseas and ensure that the receiving country has an adequate data protection and security standard at the same level or same standard as provided under the PDPA.
We retain your personal information for as long as is considered necessary for the purpose for which it was collected, used or disclosed as set out in this Privacy Notice, i.e. as long as you are member of the Company, or for a period as necessary to comply with applicable laws, or to be in accordance with legal prescription, or to establish, comply with or exercise the rights to legal claims or defend against the rights to legal claims, or if you have request us to delete your personal information, or to comply with, for any other cause, our internal policies and regulations.
Right of access |
You have a right to get access and obtain a copy of your personal information that we hold about you, or you may ask us to disclose the sources of where we obtained your information that you haven’t given consent. The Company will send such copy to you within 30 days upon obtaining your request. In certain cases, the Company may request additional information in order to confirm your identity and your rights as part of our security measures. |
Right to data portability |
You have a right to request us to automatically transfer your personal information to other persons, and request to see the personal information that we have transferred to other persons, unless it is impossible due to technical circumstances. |
Right to object the processing of your information |
You have a right to object to collection, use or disclosure of your personal information at any time, for example, if it is under the following circumstances: 1) It is for the purpose of direct marketing; and/or 2) It is for the purpose of scientific, historical or statistical research unless it is necessary to performance of a task carried out for reasons of public interest by the data controller. |
Right to erasure |
You have a right to request us to delete, destroy or anonymize your personal information in the following circumstances where: 1) The personal information is no longer necessary for the purpose of which it was collected, used or disclosed; 2) You have withdrawn your consent to which the collection, use or disclosure is based on; 3) You have objected to the collection, use or disclosure of the personal information and the Company has no ground to reject such request; and/or 4) When the personal information has been unlawfully collected, used or disclosed under the PDPA. |
Right to restrict the processing of your information |
You have a right to request us to restrict the processing of your personal information in the following circumstances when: 1) It is under the pending examination process of checking whether the personal information is accurate, up-to-date and complete or not; 2) It is the personal information that should be deleted or destroyed as it does not comply with the law and you request to restrict it instead; 3) The personal information is no longer necessary to retain for the purpose of which it was collected, used or disclosed, but you still have the necessity to request the retention for the purposes of the establishment, compliance, or exercise of legal claims or the defence of legal claims; 4) The Company is pending verification in order to reject the objection request of the collection, use or disclosure of personal information. |
Right to withdraw consent |
You may withdraw your consent at any time, unless it is restricted by law, or the contract which gives benefits to you. However, the withdrawal of consent shall not affect the processing of personal information you have already given consent legally. |
Right to rectification |
You have a right to rectify inaccurate personal information in order to make it accurate, up-to-date, complete and not misleading. If the Company rejects your request, the Company will record such rejection with reasons. |
Complaint to the data protection regulator
You will have the right to make a complaint if the Company, our data processor including where our employees and employers do not comply with the PDPA or other notifications issued under the PDPA.We’d like the chance to resolve any complaints you have, however you also have the right to complain to the Office of the Personal Data Protection Commission about how we have used your personal information.
For My Lotus’s member
You can exercise your rights relevant to your personal information as mentioned above by providing your information in the Data Subject Request Form. Please send your request with relevant documents to [email protected] or you may contact My Lotus’s call center at 1430 #1.
For Makro member
In case you have any questions or would like to exercise any rights relating to your personal information, please submit your request via www.siammakro.co.th on exercise your right under the PDPA topics or contact the public relation staffat the branch or call center tel. 02-779-9955 every Monday to Friday between 08.00-18.00 hours.
We may deny or comply with your request in relation to the exercise of these rights only in part, subject to the applicable laws and regulations. For example, we may limit your Subject Access Request if such access would adversely affect the right and freedom of others or we may retain the personal data you request to be erased in exercise of our legal rights or in compliance with the obligation prescribed by law.
In the event that the personal information you have provided has changed, you must notify us of such update or edit the provided personal information so that your personal information is always accurate and up-to-date. If any of your personal information is incorrect, it may affect the service provision of the Company and we will not be responsible for any loss or damage that may occur to you or the third party as a result of your failure to correct or update your personal information to be accurate in any way.
We know how important it is to protect and manage your personal data. This section sets out some of the measures we have in place:
· We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;
· We protect the security of your information while it is being transmitted by encrypting it;
· We use computer safeguards such as firewalls and data encryption to keep this data safe;
· We only authorise access to employees and trusted partners who need it to carry out their responsibilities;
· We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security; and
· We will ask for proof of identity before we share your personal data with you.
Whilst we take appropriate technical and organisational measures to safeguard your personal information, it is important that you keep your login details and devices protected from unauthorised access.
We and our partners use Cookies and similar technologies, such as tags, pixels and SKD (“Cookies”), to personalise and improve your customer experience as you use our Websites, online systems, platforms and Mobile Apps and to provide you with relevant online advertising. This section provides more information about Cookies and any similar technologies, including how we use them and how you can exercise your choices about our use of Cookies and similar technologies.
How we use Cookies and similar technologies
Cookies are small text files containing a unique identifier, which are stored on your computer, tablet or mobile device so that your device can be recognised when you are using a particular website, online systems, platforms or mobile app. They can be used for the duration of your visit or they can be used to measure how you interact with services and content and location over time. Cookies help to provide important features and functionality on our Websites, online systems, platforms and Mobile Apps, and to improve your customer experience. Cookies can also be used help us to detect fraudulent activity or to prevent security breaches and so we may record information about your device within the Cookies.
Improve the way our Websites and Mobile Apps work |
Cookies allow us to improve the way our Websites, online systems, platforms and Mobile Apps work so that we can personalise your experience and allow you to use many of their useful features. For example, we use Cookies so we can remember your preferences and the contents of your shopping basket when you return to our Websites and Mobile Apps. |
Improve the performance of our Websites and Mobile Apps |
Cookies can help us to understand how our Websites, online systems, platforms and Mobile Apps are being used, for example, by telling us if you get an error messages as you browse. These Cookies collect data that is mostly aggregated and anonymous. |
Deliver relevant online advertising, including via social media |
We use Cookies to help us deliver online advertising that we believe is most relevant to you on our Websites, on other organisations’ websites and using social media. Cookies used for this purpose are often placed on our Websites by organisations providing specialist services to us. These Cookies may collect information about your online behaviour, such as your IP address, the website you arrived from or your IP address and information about your purchase history or the content of your shopping basket. This means that you may see our adverts on our Websites and on other organisations’ websites. You may also see adverts for other organisations on our Websites. To help us to deliver online advertising that is relevant to you, we may also combine data we collect through Cookies in the browser of your desktop computer or other devices with other data that we have collected, for example your use of membership and in-store purchases. |
Measuring the effectiveness of our marketing communications, including online advertising |
Cookies can tell us if you have seen a specific advert, and how long it has been since you have seen it. This information allows us to measure the effectiveness of our online advertising campaigns and control the number of times you are shown an advert. We also use Cookies to measure the effectiveness of our marketing communications, for example by telling us if you have opened a marketing email that we have sent you. |
Third parties operating through our Websites, online systems, platforms and Mobile Apps
Our key partners are listed below with information about the services they provide to us. This list is not exhaustive but it does include those partners with whom we have an established relationship and whose cookie technologies are most frequently deployed through our services.
Measurement & Personalisation | To analyse how our services are used, including to test and develop different content versions. This data may also be used to enable us to personalise our services, develop service or product and the marketing of our services. |
Adobe
Aappsflyer Optimizely Google Analytics, Google Firebase, Google Tag Manager and Mindshare |
Product recommendations | To enrich your shopping experience by delivering personalised recommendations to you on some of our websites and application. |
Adobe
Optimizely Google Analytics, Google Firebase, Google Tag Manager and Mindshare |
Online marketing | To personalise the Company's adverts shown to you via our Websites and on other websites based on your interactions with us. For example, by using data about your transactions with us, what you have in your basket and the pages and products you look at or webpage you frequently visit. We may also use your My Lotus’s membership card data to better personalise our marketing. |
Egg Digital
Bing Google Analytics, Google Firebase, Google Tag Manager Adobe Optimizely and Mindshare |
Social media | To market to you via social media platforms and to enable social sharing and engagement on our websites and application. These companies may use your data for their own purposes, including to profile and target you with other advertising. |
Facebook
Line |
Delivering ads for us and our Retail Partners | To enable us to personalise and deliver online advertising on our online media for ourselves and on behalf of our Retail Partners. |
Google Analytics, Google Firebase, Google Tag Manager |
Security of our websites and apps | To enable us to prevent and monitor security of our systems and services. | Akamai |
Our Websites may be redirected to other websites for the purpose of facilitating you when you visit other websites. These websites may collect your personal information where the Company is not involved nor responsible for the collection of your personal information or the disclosure of your personal information to other websites of other parties, as well as the privacy notice of those websites in any way. For this reason, we recommend that you carefully review the privacy notice of those websites before you using their websites.
The Company reserves the right to change, amend or update this Privacy Notice at any time as it deems appropriate by notifying you of the said changes, amendments or updates on our Websites which you can check at any time.
In the event of a breach or leakage of personal information, we require that the reporting party notify through the channels specified by the Company or contact the DPO immediately. The channels for reporting breaches are as follows:
For My Lotus’s member:
The Data Protection Officer can be contacted by
Email: [email protected]
For Makro member:
Tel: 02-067-9700 every Monday to Friday during 08.00-18.00 hours
Email: [email protected]
If you have any comments, suggestions, questions or want to make a complaint regarding your personal information, please contact us at:
For My Lotus’s member:
If you have any questions about how we collect, store and use personal data please contact us by
Email: [email protected]
And, our Data Protection Officer can be contacted by
Email: [email protected]
For Makro member:
Address: 1468 Phatthanakan Road, Phatthanakan, Suan Luang, Bangkok 10250
Tel: 02-779-9955 every Monday to Friday during 08.00-18.00 hours
Data Protection Officer can be contacted at
Address: 1468 Phatthanakan Road, Phatthanakan, Suan Luang, Bangkok 10250
Email: [email protected]
Address: 1468 Phatthanakan Road, Phatthanakan, Suan Luang, Bangkok 10250
Email: [email protected] or [email protected]
This Privacy Notice was last updated on 1 October 2024.