Loading...

Privacy and Cookies Policy

We, Ek-Chai Distribution System Company Limited (referred to in this policy as "Company", "we" or "us"), are working hard to serve shoppers a little better every day. Looking after the personal data you share with us is a hugely important part of this. We want you to be confident that your data is safe and secure with us, and understand how we use it to offer you a better and more personalised shopping experience.

The data controller is the Company.

We are committed to doing the right thing when it comes to how we collect, use, disclose and protect your personal data. That's why we've developed this privacy and cookies policy ("Policy"), which:

  • sets out the different ways you interact with us and the types of personal data that we collect;
  • explains the purposes why we use and/or disclose the data we collect;
  • explains when and why we will share personal data with our corporate affiliates, subsidiaries and other companies under common control and ownership of the holding company or parent company of Ek-Chai Distribution System Company Limited ("our Group"), and with other organisations;
  • explains the rights and choices you have when it comes to your personal data; and
  • other matters relating to how we treat your personal data.

We offer a wide range of products and services, so we want you to be clear about what this Policy covers. This Policy applies to you if you use our services (referred to in this Policy as "our Services"). Using our Services means:

  • shopping with us over the phone, in-store or online at our Online Shopping websites or any other platforms operated by a third party through which our products and services are offered;
  • accessing or using any of the websites ("our Websites") or mobile applications ("our Mobile Apps");
  • making bill payments through us, for example, paying utility bill, phone and cable bill, and credit card bill at our cashier counters or via other payment channels we operate;
  • being a member of the Lotus's membership card scheme ("Lotus's membership card"); or
  • contacting or otherwise interacting with us or our customer service teams about our Service.

Group or category of the personal that the Company will collect the personal data

Under this policy, group or category of the personal that the Company will collect and process the personal data consists of any personal purchase the product and/or receive the service from the Company and/or other personal performing any similar activities i.e. the personal participates any activity, website or application user, any person who contact to receive the information or service from the Company and the product and/or service survey respondent. Also including any person who might connect with the customer mean any representative of the customer i.e. executive, director, employee, representative or any other who act on the customer behalf (in case the customer is a juristic person) and shall include the personal whose personal data is presented through the document using in the transaction i.e. manager, buyer, consignee and payer.

Parts of this Policy also apply if you use our in store pharmacy services and to our store CCTV systems where they capture footage of you.

Some other parts of our business and other companies in our Group may need to collect and use your personal data to provide you with their products and services and for certain other purposes. In such case, your personal data provided to them will be subject to their relevant privacy policies.

Our Websites or Mobile Apps may contain links to other websites operated by other organisations that have their own privacy policies. Please make sure you read the terms and conditions and privacy policy carefully before providing any personal data on a website as we do not accept any responsibility or liability for websites of other organisations.

This Policy may be replaced or amended from time to time. If we make changes, we will notify such changes or replacing policy by making them available at our stores, on our Website or any other appropriate channel available time to time. Please review this Policy (as updated from time to time) so you understand our how we treat your personal data and your rights regarding the collection, use and disclosure of your personal data.

This section tells you what personal data we may collect from you when you use our Services and what other personal data we may receive from other sources.

When you register for our Services, you may provide us with:
  • Your personal details, including your name, surname, title, ID number, passport number and date of birth
  • Contact information, including your addresses, email addresses and phone numbers
  • Your account login details, such as your username and the password that you have chosen
  • Other information we may request or you may provide at your option in connection with the registration of our Services
When you shop with us or browse our Websites or use our Mobile Apps, we may collect:
  • Identification information and contact information (including your name, telephone number and delivery address) and any other information you may provide for us to process your purchase or refund (including VAT refund) and delivery of the product you have ordered
  • Information about your online purchases and/or your purchase history, (for example, what you have bought, when and where you bought it and how you paid for it), your credit card detail (the credit card detail will be collect and process by a third party payment gateway service provider to process the payment upon your request, Lotus’s is not collecting, processing or transferring your credit card data for any other purpose)
  • Information about your online browsing behaviour on our Websites and Mobile Apps and information about when you click on one of our adverts (including those shown on other organisations’ websites)
  • Information about any devices you have used to access our Services (including the make, model and operating system, IP address, browser type and mobile device identifiers)
When you use our bill payment service, we may collect:
  • On behalf of your service provider or merchant, transaction information including any associated information, for example, your payment instruction, amount of payment, product or service paid for, merchant information and other information necessary for processing the payment
  • If required by applicable law, your identification information
When you use Lotus’s membership card to shop with us, or use Lotus’s membership card vouchers or coupons, with your consent, we may collect:
  • Transaction information, including the in-store and online purchases you earn Lotus’s membership card points for and how you use your Lotus’s membership card coupons and vouchers within our Group or with promotional partners who from time to time agree to be part of Lotus’s membership card scheme ("Lotus’s membership card Partners")
When you contact us or we contact you or you take part in promotions, competitions, surveys or reviews about our Services, we may collect:
  • Personal data you provide about yourself anytime you contact us about our Services (for example, your name, username, social media accounts and contact details), including by phone, email or post or when you speak with us through social media
  • Details of the emails and other digital communications we send to you that you open, including any links in them that you click on
  • Your feedback and contributions to customer surveys or reviews and other details you include therein
  • Personal data you provide about yourself anytime you enter our competitions or promotional campaigns
When you ask us to fulfil your request relating to tax
  • Your name, surname, purchase information, tax ID (if any) or any personal data necessary for completing tax invoice, value added tax ("VAT") report or any relevant documents as necessary to comply with your request
When you visit our stores
  • Footage of you may be recorded on our CCTV systems

The data collected from the activities above may be classified into the following types:

Aggregated Data – We try and remove personal data we do not need. If we remove enough personal data is becomes anonymous. This means that you cannot be identified. We might also take data we hold and remove certain information and replace it with other non-identifying information such as ID number or reference number. This is an extra technique we use to protect data. We normally use these techniques to look at large amounts of individuals (such as our Lotus’s membership card customers). This includes information that is statistical or demographic data.

Special Category Data – This is special information that the law says is more sensitive (sometimes it is referred to as sensitive personal data) and it needs more protection. For the Company, this is principally health information if you use our pharmacy services or we may collect sensitive personal data in other circumstances such as our interactions with you when you are making a complaint to us.

Location Data – In some cases our apps might ask for your location information to help better serve you information about your local store, you will be made aware at the time if we would collect this data.

Other sources of personal data

We may collect or use personal data from other sources, such as Lotus’s Money Services, Lotus’s General Insurance Broker and Lotus’s Life Insurance Broker (collectively, "Lotus Money Services"), the holding company or parent company including but not limited to the Company, Dunnhumby, Lotus’s Money Services Co., Ltd., Lotus’s General Insurance Broker Co., Ltd., and Lotus’s Life Insurance Broker Co., Ltd, or any affiliates and subsidiaries of such member as well as business entities under Charoen Pokphand Group that engage in the following businesses (a) telecom & media e.g. True Corporation Public Company Limited, True Digital Group Co., Ltd. and affiliates (b) agro-food e.g. Charoen Pokphand Food Public Company Limited and affiliates (c) retail & distribution e.g. CP All Public Company Limited, Siam Makro Public Company Limited and affiliates (d) e-commerce & digital e.g. Ascend Group Co., Ltd., True Money Co., Ltd. and affiliates (e) property development e.g. C.P. Land Public Company Limited and affiliates. specialist companies that supply information, online media channels, our Retail Partners and Public Registers. For example, this other personal data helps us to:

  • create/manage your Lotus’s membership card account (including the allocation of Lotus’s membership card points);
  • review and improve the accuracy of the data we hold; and
  • improve and measure the effectiveness of our marketing communications, including online advertising.

In addition, we may also collect personal data from and/or disclose the personal data to an authorized online third party marketplaces (e.g. Lazada, Shopee. For example, if you purchase any products offered by the Company store via marketplace website or application, we may collect, use and disclose the personal data you have provided on such marketplace in accordance with the purposes set out in this Policy.

For your information, Retail Partners refer to an entity or organisation that participates in business activity with the Company, details of which are set out below under heading ' Sharing personal data with our partners' and Public Registers refer to your personal data that may be available in any public source which we can use to enrich or validate your personal data.

This section explains in detail how and why we use personal data. We collect or use personal data to:

We use personal data toWhy do we process your personal data in this way?Legal Basis for using your personal data
Make our Services available to you

Processing your purchase orders and refunds:
We need to process your personal data so that we can fulfil our duties to provide you with the goods and services you want to buy and help you with any orders and refunds you may ask for. Preparing the product and/or service Your personal data is necessary for us to process the delivery, billing, confirm the outstanding debt amount and send the receipt to you.

Completing the transaction you request through our bill payment service:
To process the payment of your bills, we collect your personal data and other evidence to effect payment on behalf of your service providers or merchants in order for them to authenticate your identity and verify your payment. In addition, we need your personal information to fulfil the legal and regulatory requirements, for example, to verify that you are not listed as the designated person by the Anti- Money Laundering Office. Register for identity verification Whenever you register to verify your identity to receive for any privilege as a Lotus’s membership card holder or general customer who received the reward for any lucky draw activity or any promotional campaign you have been registered.

Giving customer supports:
When you contact us about our Services and offers, we rely on your personal data including your contact details to revert to you and give you our responses, assistance, clarifications or address the concerns you may have about our Services, whether by phone, email, post or by responding to social media posts that you have directed at us.

Managing promotions, competitions:
We need to process and disclose your personal data so that we can manage the promotions and competitions you choose to enter (for example announcement of competition/lucky draw winner), including those we run with our suppliers and Retail Partners.

Consent Basis 
for Lotus’s membership card Customer at the time you apply for our Lotus’s membership card

Contractual Necessity 
for Non-Lotus’s membership card Customer (at the point of contact) – We will not be able to provide you with your products or services if you do not provide us with this data.

Legitimate Interests  
for Non-Lotus’s membership card Customer 

Accommodate your request in relation to taxWe need to collect and use your personal data to comply with your requests when you ask us, for example, to issue tax invoice or VAT report in case you want to claim tourist tax refund.Contractual Necessity and Legal Obligation
Manage your account including your Lotus’s membership card membershipYour personal data enables us to comply with the Terms and Conditions which are agreed with you in relation to the orders you made using Lotus’s membership card and enable you, as a Lotus’s membership card member, to participate in promotional activities and enjoy other benefits thereunder such as vouchers, reward points redemption, and any other sale promotions.Consent Basis
Manage and improve our day-to-day operations

To manage our Websites and Mobile Apps, we use cookies and similar technologies on our Websites and Mobile Apps to improve your customer experience. Some cookies are necessary so you should not disable these if you want to be able to use all the features of our Websites and Mobile Apps. You can disable other cookies but this may affect your customer experience. For more information about cookies and how you can disable them, you can find the method publicly available online.

Help to develop and improve our product range, services, stores, information technology systems, know-how and the way we communicate with you, we rely on the use of personal data to carry out market research and internal research and development, and to improve our information technology systems (including security) and our product range, services and stores. This allows us to serve you better as a customer. We also use personal data to improve our customer experience (e.g. substituting products (when we are out of stocks) and fulfilment experience (how we pick / pack / deliver) to customers.

Detect and prevent fraud or other crime, it is important for us to monitor how our Services are used to detect and prevent fraud, other crimes and the misuse of Services. This helps us to make sure that you can safely use our Services.

Consent Basis
for Lotus’s membership card Customer

Contractual Necessity and Legitimate interest
for Non-Lotus’s membership card Customer

Conduct marketing research and communications

Developing and improving our product range, services, stores, information technology systems, know-how
We rely on the use of personal data to carry out marketing research and internal research and development, and to improve our information technology systems (including security) and our product range, stores and service standard. This allows us to serve you better as a customer.

Personalising your experience with the Company

  • Looking at your browsing behaviour and purchase history (including Lotus’s membership card transactions) helps us personalising our offers and services for you, we can provide you with special offers or rewards to enhance your shopping experience.
  • Providing you with relevant marketing communications (including by email, post or online advertising and other channels available time to time), relating to our products and services, and those of our suppliers, Retail Partners and our Group. As part of this, online advertising may be displayed on websites across our Group and on other organisations’ websites and online media channels. We may also measure the effectiveness of our marketing communications and those of our suppliers and Retail Partners. We want to ensure that we provide you with marketing communications, including online advertising, that are relevant to your interests. To achieve this we also measure your responses to marketing communications relating to products and services we offer, which also means we can offer you products and services that better meet your needs as a customer. 
  • Using your personal data to improve our customer experience (e.g. substituting products (when we are out of stocks) and fulfilment experience (how we pick / pack / deliver) to customers.

Consent Basis 
for Lotus’s membership card Customer

Contractual Necessity and Legitimate interest for Non-Lotus’s membership card Customer

Customer survey and feedbacks

From time to time, we may invite you to take part in and manage customer surveys, reviews and other marketing research activities carried out by our Group and by other organisations on our behalf.

In the event you decide to take such customer surveys, you are deemed to give consent for us to collect, use and disclose any additional personal data that you may provide for the purposes stated in this Policy or other purposes we notify you in the survey forms.

Consent Basis 
upon agreeing to do the survey or provide feedback)

Detect and prevent fraud or other crime and compliance with lawIt is important for us to monitor how our Services are used in order to detect and prevent fraud, other crimes and any misuse of services, to conduct ourselves in compliance with the laws, and to verify your identity in connection with the requests you made under this Policy. This helps us to make sure that our legal and regulatory compliance has been addressed and you can safely use our Services.Legal Obligation and Legitimate Interest
Contact and interact with you

Contact you about our Services, for example by phone, SMS, instant messenger (including but not limited to Facebook Messenger), email, Perfect Order Survey or post or by responding to social media posts that you have directed at us. We want to serve you better as a customer so we use personal data to provide clarification or assistance in response to your communications

Manage promotions and competitions you take part in, including those we run with our suppliers and Retail Partners. We need to process your personal data so that we can manage the promotions and competitions you choose to enter.

Invite you to take part in and manage customer surveys, reviews and other market research activities carried out by our Group and by other organisations on our behalf. We carry out market research to improve our Services. However, if we contact you about this, you do not have to take part in the activities. If you tell us that you do not want us to contact you for market research, we will respect this choice. This will not affect your ability to use our Services or your Lotus’s membership card.

Provide an after sale service and serve your request, respond to your query, support the user, supply information, consider your complaint, claims and solve the problem and all obstacle.

Consent Basis
for Lotus’s membership card Customer

Legitimate interest 
for Non-Lotus’s membership card Customer

ClaimsIn order to resolve legal claims or disputes involving you or us. For example if you have any accident or there is an incident at our stores. Legal Obligation and Legitimate Interest
Comply with the relevant law relating to the operations and other lawful demand of the competent authority or official

Comply with the regulatory requirement i.e. tax regulations, personal data protection law and a lawful order of the competent authority i.e. Personal Data Protection Commissioner

If you park in our car parks, we may utilise Automatic Number Plate Recognition Technologies (or other technology with the same nature) to identify if your vehicle has complied with our parking rules. Where there is a security or claim incident involving a vehicle, we may use this technology to assist in our investigation into those incidents.

Legitimate Interest
Verify, monitor the safety and security of the individual and Company’s asset

In order to protect you, our business, the local community, and colleagues, we record CCTV footage to monitor the safety of our stores and to prevent and detect crime and anti-social behaviour and protect or prevent any damage to life, body and health of the individual..

If you park in our car parks, we may utilise Automatic Number Plate Recognition Technologies (or other technology with the same nature) to identify if your vehicle has complied with our parking rules. Where there is a security or claim incident involving a vehicle, we may use this technology to assist in our investigation into those incidents.

Legitimate Interest
Pharmacy

To ensure the safe delivery of healthcare services, we need to process your personal data, including your medical information, to ensure we provide you with the highest standard of care or as required by applicable laws. Your prescriptions information will not be used for any other purpose.

By using our pharmacy services and supplying your personal data (including medical and health information), you are deemed to give consent for us to collect, use and disclose such personal data for the purpose under this paragraph.

Consent Basis and Medical Necessity

Our Legitimate Interests in using your personal data

Where we have mentioned above our use of your personal data is based on our "legitimate interests", these are:

  • to service our customers’ needs, including delivering our products and services;
  • to promote and market our products and services (both our own products and branded goods) for Non-Lotus’s membership card Customer;
  • to service your account, manage complaints and resolve any disputes;
  • to understand our customers including their patterns, behaviours as well as their likes and dislikes;
  • to protect and support our business, colleagues, customers and shareholders;
  • to prevent and detect anti-social behaviour, fraud and other crime;
  • to test and develop new products and services as well as improve existing ones; and
  • to expand and sustain our business operation which would essentially benefit your experience with us

This section explains how and why we share personal data with other companies within our Group.

When you use our Services or become Lotus’s membership card member, we may share your personal data we collect with other companies in our Group so that they can assist and facilitate us in processing such personal data for any purposes of collection, use and disclosure which are stated in this Policy. These companies include but not limited to:When you use our Services or become Clubcard member, we may share your personal data we collect with other companies in our Group so that they can assist and facilitate us in processing such personal data for any purposes of collection, use and disclosure which are stated in this Policy. These companies include but not limited to :

  • dunnhumby group – one of our main service providers, who helps us analyse your behaviour in order to improve our understanding about you.

Business entities under Charoen Pokphand Group that engage in the following businesses

(a) telecom & media e.g. True Corporation Public Company Limited, True Digital Group Co., Ltd. and affiliates
(b) agro-food e.g. Charoen Pokphand Food Public Company Limited and affiliates
(c) retail & distribution e.g. CP All Public Company Limited, Siam Makro Public Company Limited and affiliates
(d) e-commerce & digital e.g. Ascend Group Co., Ltd., True Money Co., Ltd. and affiliates
(e) property development e.g. C.P. Land Public Company Limited and affiliates.

In the event you allow us to share your personal data within our Group (i.e. by giving consent for personal data sharing in the Lotus’s membership card application or at any time you opt in), we may also make your personal data available to other companies within our Group, including Lotus’s Money Services for them to tailor offers and communicate with you in relation to their products, services or any marketing campaign which might be of your interest.

In addition, we may disclose your personal data to other companies in our Group subject to your instruction or data transferring request. For example, you may ask us to share your Lotus’s membership card number with Lotus’s Money Services in order to link your Lotus’s credit card with Lotus’s membership card so that you can earn extra points or benefits when you use the credit card to shop with us.

Sharing personal data with our partners

This section explains how and why we share personal data with Retail Partners, Merchants, Lotus’s membership card Partners and Service Providers, Vendors and Consultants.

When we share personal data with these companies we require them to keep it safe, and they must not use your personal data for their own marketing purposes.

Retail PartnersWe work with a number of Retail Partners who
  • sell products through our Services or
  • offer products, services and/or the ability to earn points through Lotus’s membership card.

We only share personal data that enable our Retail Partners to provide their services. [For example, when you shop via online channel we will give the relevant Retail Partner your name and contact details so that they can deliver your items.

Merchants

When you use our bill payment service, we may share your personal data with the transaction parties or other parties involved in processing your transactions including but not limited to Bangkok Bank Plc (BBL). This includes merchants and service providers whose commodities or services are paid through our bill payment service. 

Sharing of your personal data and the relevant information is necessary for facilitating your bill payment and helping us and other participants resolve disputes, and detect and prevent fraud. 

Lotus’s membership card PartnersAt your request, we may transfer your personal data to our Lotus’s membership card Partners including but not limited to Esso Smile and other partners we will have in the future for them to verify your identity and facilitate you in converting Lotus’s membership card points into rewards, points or other benefits you are entitled to from being a member of our Lotus’s membership card Partners. 
Service Providers, Vendors and Consultants

We work with carefully selected Service Providers that carry out certain functions on our behalf. These include, for example, companies that help us with technology services, storing, combining and analysing data, processing payments, provide us with legal, lawyer, external audit or other professional services or expert as well as delivering orders. We only share personal data that enable our Service Providers to provide their services.

Some of the Service Providers we work with operate online media channels, and [they place relevant online advertising for our products and services, as well as those of our suppliers and our Retail Partners, on those online media channels on our behalf. For example, you may see an advert for our products and Services as you use a particular social media site or watch television.

Examples of our Service Providers include Facebook, Adobe, Google, Line, Instagram, and Twitter.

Sharing personal data with other organisations

This section explains how and why we share personal data with other organisations.

We may share personal data with other organisations in the following circumstances:

  • if the law or a public authority says we must share personal data or for the administration of justice;
  • if we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud);
  • [where we restructure, sell or transfer our business (or a part of it). For example, in connection with a takeover or merger.]

We know how important it is to protect and manage your personal data. This section sets out some of the measures we have in place:

  • We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;
  • We protect the security of your information while it is being transmitted by encrypting it;
  • We use computer safeguards such as firewalls and data encryption to keep this data safe;
  • We only authorise access to employees and trusted partners who need it to carry out their responsibilities;
  • We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security; and
  • We will ask for proof of identity before we share your personal data with you.

Whilst we take appropriate technical and organisational measures to safeguard your personal data, it is important that you keep your login details and devices protected from unauthorised access.

The personal data that we collect from you may be transferred to, and stored at, a destination outside Thailand. It may also be processed by companies operating outside Thailand who work for us or for one of our Service Providers. If we do this we ensure that your privacy rights are respected in line with this Policy and the applicable laws.

We will not keep your personal data longer than we need to. How long this is depends on several factors, including:

  • Why we collected it in the first place;
  • How old it is;
  • Whether there is a legal/regulatory reason for us to keep it;
  • Whether we need it to protect you or us.

We and our partners use cookies and similar technologies, such as tags ,pixels and SKD ("Cookies"), to personalise and improve your customer experience as you use our Websites and Mobile Apps and to provide you with relevant online advertising. This section provides more information about Cookies and any similar technologies, including how we use them and how you can exercise your choices about our use of Cookies and similar technologies.

How we use Cookies and similar technologies

Cookies are small text files containing a unique identifier, which are stored on your computer, tablet or mobile device so that your device can be recognised when you are using a particular website or mobile app. They can be used for the duration of your visit or they can be used to measure how you interact with services and content and location over time. Cookies help to provide important features and functionality on our Websites and Mobile Apps, and to improve your customer experience. Cookies can also be used help us to detect fraudulent activity or to prevent security breaches and so we may record information about your device within the cookie.

When you accept Cookies on our Services, these may be used to do the following:

Improve the way our Websites and Mobile Apps work

Cookies allow us to improve the way our Websites and Mobile Apps work so that we can personalise your experience and allow you to use many of their useful features.

For example, we use Cookies so we can remember your preferences and the contents of your shopping basket when you return to our Websites and Mobile Apps.

Improve the performance of our Websites and Mobile Apps

Cookies can help us to understand how our Websites and Mobile Apps are being used, for example, by telling us if you get an error messages as you browse.

These Cookies collect data that is mostly aggregated and anonymous.

Deliver relevant online advertising, including via social media

We use Cookies to help us deliver online advertising that we believe is most relevant to you on our Websites, on other organisations’ websites and using social media. 

Cookies used for this purpose are often placed on our Websites by organisations providing specialist services to us. These Cookies may collect information about your online behaviour, such as your IP address, the website you arrived from or your IP address and information about your purchase history or the content of your shopping basket. This means that you may see our adverts on our Websites and on other organisations’ websites. You may also see adverts for other organisations on our Websites.

To help us to deliver online advertising that is relevant to you, we may also combine data we collect through Cookies in the browser of your desktop computer or other devices with other data that we have collected, for example your use of Lotus’s membership card and in-store purchases.

Measuring the effectiveness of our marketing communications, including online advertising

Cookies can tell us if you have seen a specific advert, and how long it has been since you have seen it. This information allows us to measure the effectiveness of our online advertising campaigns and control the number of times you are shown an advert.

We also use Cookies to measure the effectiveness of our marketing communications, for example by telling us if you have opened a marketing email that we have sent you.

Third parties operating through our Websites and Mobile Apps

Our key partners are listed below with information about the services they provide to us. This list is not exhaustive but it does include those partners with whom we have an established relationship and whose cookie technologies are most frequently deployed through our Services.

Measurement & PersonalisationTo analyse how our services are used, including to test and develop different content versions. This data may also be used to enable us to personalise our services, develop service or product and the marketing of our servicesAdobe
Facebook
Optimizely
Google Analytics andDot Matters
Product recommendationsTo enrich your shopping experience by delivering personalised recommendations to you on some of our websites and application.Adobe
Facebook
Optimizely
Google and Dot Matters
Online marketingTo personalise the Company's adverts shown to you via our Websites and on other websites based on your interactions with us. For example, by using data about your transactions with us, what you have in your basket and the pages and products you look at or webpage you frequently visit. We may also use your Lotus’s membership card data to better personalise our marketing via our main data partner, Sociomantic (a subsidiary of dunnhumby Limited, a company in our Group).dunnhumby
Bing
Google Analytics
Adobe
Facebook
Optimizely
Google and Dot Matters
Social media

To market to you via social media platforms and to enable social sharing and engagement on our websites and application. These companies may use your data for their own purposes, including to profile and target you with other advertising.

Facebook
Twitter
Instagram
Line
Delivering ads for us and our Retail PartnersTo enable us to personalise and deliver online advertising on our online media for ourselves and on behalf of our Retail Partners.Google Analytics
Sociomantic 
Facebook
Twitter
Instagram
Security of our websites and appsTo enable us to prevent and monitor security of our systems and services.Akamai

Your Choices

This section explains the choices you have when it comes to the collection, use and disclosure of your personal data. You are at your choice to opt-in to the following activities and to withdraw your consent by taking steps as specified in this Policy.

For Lotus’s membership card customer

Based on the consent that you have given in the Lotus’s membership card application, we will study your spending behaviour, carry out customer profiling and marketing research based on your personal data and send you offers and information about our products and any other services, promotions, special offers and events which might be of your interest in a number of ways including by email. You can change your preference regarding marketing research and communications over the process described in this Policy herewith, use the "Unsubscribe" process via the application or the phone. However, if you decide to withdraw your consent for us to collect, use and/or disclosure your personal data for this purpose, your Lotus membership will be terminated and so you will no longer be able to enjoy any and all benefits to which the Lotus member is entitled (such as receive information about marketing campaign, exclusive offers and etc). For the avoidance of doubt, marketing research and communication does not include any customer surveys that we may conduct from time to time.

For non-Lotus’s membership card customer

Web browser cookies

You can use your browser settings to accept or reject new Cookies and to delete existing Cookies. You can also set your browser to notify you each time new Cookies are placed on your computer or other device. You can find more detailed information about how you can manage Cookies through your browser’s help function.

If you choose to disable some or all Cookies, you may not be able to make full use of our Websites. For example, you may not be able to add items to your shopping basket, proceed to checkout, or use any of our products and services that require you to sign in.

You can also manage advertising related Cookies used on our Services by opting-out through the Service Providers listed in the table above.

Mobile Apps

Cookies work differently on Mobile Apps as they are coded into the App itself and will use a unique identifier created by your mobile device for use for advertising activities. You can turn off or reset this advertising identifier through your mobile device’s privacy settings.

Customer surveys

We also like to hear your views to help us improve our Services, so we may contact and invite you to give your feedbacks about our products and services or complete any customer surveys we prepare. However, if we contact you about this, you do not have to take part in the activities. We will respect your choice and this will not affect your ability to use our Services including your Lotus’s membership card.

Upon the Personal Data Protection Act becomes fully effective, you can exercise your rights relevant to your personal data as mentioned below by providing your information on Data Subject Request Form. Please send your request with relevant documents to [email protected]

  1. **Right to withdraw consent: **You are entitled to withdraw your consent at any time. However, this will not affect the lawfulness of collection, use and disclosure of your personal data based on your consent before its withdrawal.

    If you are a Lotus's membership card member, please be reminded that a withdrawal of your consent given for us to contact you, study your spending behaviour, carrying out customer profiling and marketing research (other than through customer surveys) will result in your Lotus's membership card membership being terminated and so you will no longer be able to enjoy any and all benefits to which the Lotus's membership card member is entitled (such as collecting points and redeeming them for discount, receiving information about marketing campaign, exclusive offers and etc.).

  2. **Subject Access Request: **You have the right to see the personal data we hold about you. You can also request to obtain a copy of your personal data.

  3. **Right to data portability: **You have the right to receive your personal data in a structured, commonly used and machine readable format. In addition, you may request us to transmit such personal data to other data controller via automatic means and, where technically possible, to obtain such personal data we directly transferred to other data controller. For example, if you would like to apply for a Lotus credit card, you may request us to transfer your personal data to Lotus Money Service in order to link your Lotus credit card with Lotus's membership card. In such case, your request will be deemed to constitute consent for us to disclose the personal data we collect about you to the transferee.

  4. **Right to objection: **You have the right to object to our use of your personal information under the following circumstances:

    **General objection  **-- We will consider your objection to our use of your personal data. If on balance, your rights outweigh our interests in using your personal data, then we will at your request either restrict our use of it (see section 6 below) or delete it (see section 5 below). Nevertheless, we may not uphold your request if we rely on your personal data to establish, exercise or comply with legal claim or to set up defence.

    **Objection in relation to direct marketing  **-- If you make such an objection, we will stop using your personal data for direct marketing purposes.

    **Objection in relation to marketing research  **-- We will discontinue processing your personal data for marketing research unless it is done for public interest.

  5. **Right to erasure: **There are several situations when you can request us to delete your personal data, this includes (but is not limited to):

    • your personal data has become irrelevant or unnecessary for the purposes stated in this Policy;
    • you have successfully made an objection (listed in section 4 above);
    • you have withdrawn your consent to us using your personal data (and we do not have any other grounds to use it); or
    • we have unlawfully processed your personal data.

    We may retain your personal data to comply with applicable laws and regulations and for other permissible purposes. Therefore, not all of your personal data may be deleted as per your request.

  6. **Right to restrict our use of it: **There are several situations when you can restrict our use of your personal data (instead of deleting it), this includes (but is not limited to):

    • we are in the process to verify your objection (listed in paragraph 4 above);
    • you are challenging the accuracy of the personal data we hold; or
    • we have used your personal data unlawfully or your personal data is no longer necessary, but you do not want us to delete it.
  7. **Right to rectification: **if you believe we hold inaccurate or missing information, please let us know and we will correct it. In case we are unable to do so, we will record your request together with the reason for failing to fulfil it. For this purpose, Lotus's membership card customers may contact at 'Lotus's membership card service center at 1712 press 3.

We may deny or comply with your request in relation to the exercise of these rights only in part, subject to the applicable laws and regulations. For example, we may limit your Subject Access Request if such access would adversely affect the right and freedom of others or we may retain the personal data you request to be erased in exercise of our legal rights or in compliance with the obligation prescribed by law.

We’d like the chance to resolve any complaints you have, however you also have the right to complain to the Office of the Personal Data Protection Commission about how we have used your personal data.

If you have any questions about how we collect, store and use personal data please contact us.
Email: [email protected]

Our Data Protection Officer can be contacted by
Email: [email protected]

This Policy was last updated on 1 June 2021