You accept this Privacy Policy when you sign up for, access, or use our products, services, content, features, technologies or functions offered on our website and all related sites, applications, and services (collectively “OREASE Services”). This Privacy Policy is intended to govern the use of OREASE Services by our users (including, without limitation those who use the OREASE Services in the course of their trade or business) unless otherwise agreed through contract. We may amend this Privacy Policy at any time by posting a revised version on our website. The revised version will be effective as of the published effective date. In addition, if the revised version includes a substantial change, we will provide you with 30 days’ prior notice by posting notice of the change on the "Policy Updates" page of our website. After this 30-day notice period, you will be considered as having expressly consented to all amendments to this Privacy Policy.

Dumoroc Trading Company Limited (“Company”) realizes the importance of the personal data protection and has compliance and management of Personal Data which are consistent with Personal Data Protection law and the related laws. The Company would like to notify you of the Company’s compliance with the Personal Data Protection Act, B.E. 2562 (2019) as follows:

“Personal Data” means any information relating to a Person, which enables the identification of such Person, whether directly or indirectly, but not including the information of the deceased Persons in particular.

“Sensitive Personal Data” means Personal Data pertaining to racial, ethnic origins, political opinions, cult, religious or philosophical beliefs, sexual orientation, criminal records, health data, disability, trade union information, genetic data, biometric data (such as fingerprints or facial recognition data) or of any data which may affect the data subjects in the same manner, as prescribed by the Personal Data Protection Committee

We collect the following types of personal information in order to provide you with the use of OREASE Services, and to help us personalize and improve your experience. Information we collect automatically: When you use OREASE Services, we collect information sent to us by your computer, mobile phone or other access device.
The information sent to us includes, but is not limited to, the following: data about the pages you access, computer IP address, device ID or unique identifier, device type, geo-location information, computer and connection information, mobile network information, statistics on page views, traffic to and from the sites, referral URL, ad data, and standard web log data and other information. We also collect anonymous information through our use of cookies and web beacons (visit How we use Cookies and Similar Technologies for more information).

Information you provide to us: We may collect and store any information you provide us when you use OREASE Services, including when you add information on a web form, add or update your account information, participate in community discussions, chats, or dispute resolutions, or when you otherwise correspond with us regarding OREASE Services.

When you use OREASE Services, we also collect information about your transactions and your activities. In addition, if you open a OREASE account or use OREASE Services, we may collect the following types of information:

Contact information, such as your name, address, phone, email and other similar information.

Financial information, such as the full bank account numbers and/or credit card numbers that you link to your OREASE account or give us when you use OREASE Services.

Detailed personal information such as your date of birth or national ID number including health care history and other necessary information for providing services

We may also collect information from or about you from other sources, such as through your contact with us, including our customer support team, your results when you respond to a survey, your interactions with members of the OREASE corporate family or other companies (subject to their privacy policies and applicable law), and from other accounts we have reason to believe you control (whether in part or in whole). Additionally, for quality and training purposes or for its own protection, OREASE may monitor or record its telephone conversations with you or anyone acting on your behalf. By communicating with OREASE, you acknowledge that your communication may be overheard, monitored, or recorded without further notice or warning.

Information from other sources: We may also obtain information about you from third parties such as credit bureaus and identity verification services. 

You may choose to provide us with access to certain personal information stored by third parties such as social media sites (e.g., Facebook and Twitter). The information we may receive varies by site and is controlled by that site. By associating an account managed by a third party with your OREASE account and authorizing OREASE to have access to this information, you agree that OREASE may collect, store and use this information in accordance with this Privacy Policy.

Authentication and Fraud Detection: In order to help protect you from fraud and misuse of your personal information, we may collect information about you and your interactions with OREASE Services. We may also evaluate your computer, mobile phone or other access device to identify any malicious software or activity.

Using Your Mobile Device: We may offer you the ability to connect with OREASE Services using a mobile device, either through a mobile application or via a mobile optimized website. The provisions of this Privacy Policy apply to all such mobile access and use of mobile devices.

When you download or use our mobile applications, or access one of our mobile optimized sites, we may receive information about your location and your mobile device, including a unique identifier for your device. We may use this information to provide you with location-based services, such as advertising, search results, and other personalized content. Most mobile devices allow you to control or disable location services in the device's setting's menu. If you have questions about how to disable your device's location services, we recommend you contact your mobile service carrier or the manufacture of your particular device.
The Personal Data collected by the company in relation to the above-mentioned purposes are required in compliance with contractual obligations or in accordance with applicable laws. In case of refusal to provide the required Personal Data, it may be considered as an infringement of relevant laws or may cause the Company not to be able to manage or execute contractual obligations or facilitate services for you. However, should any modifications to the stated purposes for the collection of Personal Data subsequently occur, the Company will duly inform you as well as fulfill other legal obligations, including the recording as evidence of the amendment of the purposes stated in this Policy.

The Company respects Data Subjects’ right of their Personal Data and is also aware of the Data Subjects’ intention for the due protection of their Personal Data. Any Personal Data submitted to the Company will be used only for the stated purposes. The Company has strict security measures and a prevention not to let the unauthorized parties from accessing and using your personal data.

The Company will retain your Personal Data only for the necessary duration, and will collect, use and disclose your Personal Data, as defined in this Policy, in accordance with the duration criteria, namely the period during which you are still related to the Company as a client, and may still retain your Personal Data as long as needed for legal compliance or as per legal prescription, for the establishment of legal claims, legal compliance or exercise of legal claims, or defense of legal claims, or for other purposes in accordance with policies and the internal regulations of the Company. If it is not possible to specify the Personal Data retention period, the Company will retain the Personal Data as may be expected per data retention standards (such as the longest legal prescription of 10 years).

The Company has in place adequate and strict security measures, in accordance with Policy and Guidelines on Information Technology of the Company, to prevent Personal Data, loss, access, destruction, use, alteration, correction, and to prohibit unauthorized or unlawful use of Personal Data.

Our primary purpose in collecting personal information is to provide you with a secure, smooth, efficient, and customized experience. We may use your personal information to:

provide OREASE Services and customer support;

process transactions and send notices about your transactions;

verify your identity, including during account creation and password reset processes;

resolve disputes, collect fees, and troubleshoot problems;

manage risk, or to detect, prevent, and/or remediate fraud or other potentially prohibited or illegal activities;

detect, prevent or remediate violations of policies or applicable user agreements;

improve the OREASE Services by customizing your user experience;

measure the performance of the OREASE Services and improve their content and layout;

manage and protect our information technology infrastructure;

provide targeted marketing and advertising, provide service update notices, and deliver promotional offers based on your communication preferences;

contact you at any telephone number, by placing a voice call or through text (SMS) or email messaging, as authorized by our User Agreement;

perform creditworthiness and solvency checks, and compare information for accuracy and verify it with third parties.

We may contact you via electronic means or postal mail to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, or as otherwise necessary to service your account. Additionally, we may contact you to offer coupons, discounts and promotions, and inform you about OREASE Services and the services of our corporate family. Finally, we may contact you as necessary to enforce our policies, applicable law, or any agreement we may have with you. When contacting you via phone, to reach you as efficiently as possible we may use, and you consent to receive, autodialed or prerecorded calls and text messages. Where applicable and permitted by law, you may decline to receive certain communications.

We do not sell or rent your personal information to third parties for their marketing purposes without your explicit consent. We may combine your information with information we collect from other companies and use it to improve and personalize OREASE Services, content, and advertising. If you do not wish to receive marketing communications from us or participate in our ad-customization programs, simply indicate your preference by logging into your account and going to the Notifications section and updating your preferences, or by following the directions that may be provided within the communication or advertisement.

We respect your communication preferences. If you no longer wish to receive notifications via our application, you can adjust your preferences by visiting the settings page of the application.

When you access our website or use OREASE Services, we (including companies we work with) may place small data files on your computer or other device. These data files may be cookies, pixel tags, "Flash cookies," or other local storage provided by your browser or associated applications (collectively "Cookies"). We use these technologies to recognize you as a customer; customize OREASE Services, content, and advertising; measure promotional effectiveness; help ensure that your account security is not compromised; mitigate risk and prevent fraud; and to promote trust and safety across our sites and OREASE Services.

You are free to decline our Cookies if your browser or browser add-on permits, unless our Cookies are required to prevent fraud or ensure the security of websites we control. However, declining our Cookies may interfere with your use of our website and OREASE Services.

For more detailed information on our use of these technologies, please see our policy on Cookies, Web Beacons, and Similar Technologies.

Throughout this Privacy Policy, we use the term "personal information" to describe information that can be associated with a specific person and can be used to identify that person. We do not consider personal information to include information that has been made anonymous so that it does not identify a specific user.

We store and process your personal information on our computers in North America, Asia, Europe and elsewhere in the world where our facilities are located. We protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers, and information access authorization controls.

 

As a Data Subject, you have the rights as prescribed in the Personal Data Protection Act, B.E. 2562 (2019) and other rights as follows:
- Right to withdraw consent You have the right to withdraw consent for the processing of your Personal Data as submitted to the Company, but not if the consent withdrawal is restricted by law or by contract of benefit to you as a Data Subject. However, the withdrawal of consent shall not affect the processing of Personal Data to which you have already legally consented.
- Right to access to the Personal Data You are entitled to request access to and obtain a copy of your Personal Data, under the Company’s care and responsibility, as well as to request the disclosure of the acquisition of your Personal Data without your consent.
- Right to request for sending or transferring the Personal Data (Right to data portability) You have the legal right to request the Company to transfer your Personal Data.
- Right to object to the collection, use, or disclosure of Personal Data You have the right to object to the processing of your Personal Data, namely the collection, use, or disclosure of your Personal Data as prescribed by law.
- Right to request the erasure of Personal Data (Right to be forgotten) You have the legal right to request the Company to erase, destroy, or to anonymize your Personal Data.
- Right to restrict the use of Personal Data. You have the legal right to request the Company to suspend the use of your Personal Data.
- Right to request for the correction of the Personal Data Should you discover that your Personal Data kept by the Company is not correct or has been modified, you have the legal right to request the Company to correct them so that your Personal Data is accurate, up-to-date, complete, and will not incur any misunderstandings.
- Right to be informed in case of the modification of the Privacy Notice The Company may consider and modify as appropriate this Privacy Notice to ensure that your Personal Data is well protected.
- Right to Complain You have the right to complain to authorized officials as prescribed by the Personal Data Protection Act, B.E. 2562 (2019) in case of the Company’s infringement or non-compliance with the Act. In the event that the Data Subject lodges their request to exercise their rights as prescribed by the Personal Data Protection Act, B.E. 2562 (2019), upon reception of such request, the company will further proceed within the duration of time as prescribed by the Act. However, the Company reserves the right to deny or not to proceed with the request as prescribed by law in case that the Data Subject has chosen to provide to the Company only certain Personal Data which may cause the Company not to be able to provide full services. Moreover, the Company may not be able to collaborate with or to provide services to the Data Subject if they do not consent to the provision of information as required by the Company.

When booking OREASE, we may provide those parties with information about you necessary to complete the booking, such as your name, account ID, contact details, service and billing address, health care history, or other information needed to promote the reliability and security of the service. If a service is held, fails, or is later invalidated, we may also provide details of the unsuccessful booking. To facilitate dispute resolution, we may provide a service receiver with the service provider information so that dispute can be work on between two parties. The receiving party is not allowed to use this information for unrelated purposes, such as to directly market to you, unless you have agreed to it. Contacting users with unwanted or threatening messages is against our policies and constitutes a violation of our User Agreement.

If someone is sending you money and enters your email address or phone number, we will provide them your registered name so they can verify they are sending the money to the correct account.

We work with third parties, including merchants, to enable them to accept or send payments from or to you using OREASE. In doing so, a third party may share information about you with us, such as your email address or mobile phone number, to inform you that a payment has been sent to you or when you attempt to pay a merchant or third party. We use this information to confirm that you are a OREASE customer and that OREASE as a form of payment can be enabled, or to send you notification of payment status. Also, if you request that we validate your status as a OREASE customer with a third party, we will do so.

If you link your loyalty or gift card of a OREASE merchant to your account, we may share your card number with that merchant when you pay using OREASE.

Please note that service provider, service receiver, and any other users you booking service from or contract with have their own privacy policies, and although OREASE’s User Agreement does not allow the other transacting party to use this information for anything other than providing OREASE Services, OREASE is not responsible for their actions, including their information protection practices.

Regardless, we will not disclose your credit card number or bank account number to anyone you have paid or who has paid you using OREASE, or with the third parties that offer or use OREASE Services, except with your express permission or if we are required to do so to comply with credit card rules, a subpoena, or other legal process.

We may share your personal information with:

Members of the OREASE corporate family, such as ORAGAN, to provide joint content, products, and services (such as registration, transactions and customer support), to help detect and prevent potentially illegal acts and violations of our policies, and to guide decisions about their products, services, and communications. Members of our corporate family will use this information to send you marketing communications only if you have requested their services.

Financial institutions that we partner with to jointly create and offer a product (including but not limited to, the OREASE Extras credit card where we share information with GE Capital to determine whether you should receive pre-approved offers for the OREASE Extras credit card). These financial institutions may only use this information to market OREASE-related products, unless you have given consent for other uses.

Credit bureaus and collection agencies to report account information, as permitted by law.

Banking partners as required by credit card association rules for inclusion on their list of terminated merchants (in the event that you meet their criteria which includes having OREASE close your OREASE Account due to your breach of OREASE’s User Agreement).

Companies that we plan to merge with or are acquired by. (Should such a combination occur, we will require that the new combined entity follow this Privacy Policy with respect to your personal information. If your personal information could be used contrary to this policy, you will receive prior notice.)

Law enforcement, regulators, government officials, or other third parties (in Singapore or elsewhere) in relation to a subpoena, court order, or other legal process or requirement under Singapore law or regulation, or the laws and regulations of other jurisdictions that are applicable to OREASE or one of its Affiliates; when we need to do so to comply with such law or credit card rules; or when we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss; to report suspected illegal activity or investigate violations of our User Agreement 

Other unaffiliated third parties, for the following purposes:

Fraud Prevention and Risk Management: to help prevent fraud or assess and manage risk. For example, if you use the OREASE Services to buy or sell goods using eBay Inc. or its affiliates (“eBay”), we may share account information in order to help protect your account from fraudulent activity, alert you if we detect such fraudulent activity on your accounts, or evaluate credit risk.

 

As part of our fraud prevention and risk management efforts, we also may share necessary account information with eBay in cases where OREASE has placed a hold or other rex`striction on your Account based on disputes, claims, chargebacks or other scenarios regarding the sale or purchase of goods. Also, as part of our fraud prevention and risk management efforts, we may share account information with eBay to enable them to operate their programs for evaluating buyers or sellers.

Customer Service: for customer service purposes, including to help service your accounts or resolve disputes (e.g., billing or transactional). 

Shipping: in connection with shipping and related services for purchases made using OREASE. 

Legal Compliance: to help them comply with anti-money laundering and counter-terrorist financing verification requirements.

Service Providers: to enable service providers under contract with us to support our business operations, such as fraud prevention, bill collection, marketing, customer service and technology services. Our contracts dictate that these service providers only use your information in connection with the services they perform for us and not for their own benefit.

Other third parties with your consent or direction to do so.

Please note that these third parties may be in other countries where the laws on processing personal information may be less stringent than in your country.

If you open a OREASE account directly on a third party website or via a third party application, any information that you enter on that website or application (and not directly on a OREASE website) will be shared with the owner of the third party website or application. These sites are governed by their own privacy policies and you are encouraged to review their privacy policies before providing them with personal information. OREASE is not responsible for the content or information practices of such third parties.

Sign in with OREASE is a tool we’ve developed to improve your Internet experience. Sign in with OREASE allows you to streamline and simplify the account creation and login process when using third-party websites, and it allows these websites to enhance your experience on their sites. Instead of creating multiple usernames and passwords for each website you visit, Sign in with OREASE allows you to sign in to a participating website using your existing OREASE login information. When you use Sign in with OREASE, you agree that OREASE can share the information listed on the Sign in with OREASE consent screen or in your Sign in with OREASE account settings with the participating website. Information you allow OREASE to share with these third-party websites is subject to each third-party’s terms of service and privacy agreement, so you are encouraged to review their policies.