These regulations for protected personal data have been prepared for the purpose of explaining the details and as guidelines for the accurate, suitable and safe collection, compilation, storage, use and disclosure of personal data in order to protect the rights of personal data owners such as customers, service users, employees or stakeholders who provide personal data to the company either directly or through the company’s information technology system and for practice in compliance with the tenets set forth in the Personal Data Protection Act B.E. 2562 (2019) (PDPA).


Company means Organics Buddy Co., Ltd., Subsidiary means a company in which the company has a shareholding of more than 50%. Personal Data means information about a person that can be used to either directly or indirectly identify said person. Officially Authorized Person means a person whom the highest ranking executives have assigned to oversee, take responsibility and perform work. Cookies mean tiny components of data stored in the equipment of customers or service users or stakeholders enabling the website to store as memory in accessing the website or methods for each use of the website.


The company respects and gives importance to personal data rights and personal data protection. In addition, the company is well aware that personal data owners need security and safety in using services. Personal data received by the company and/or the company’s group such as names, age, addresses, telephone numbers, identification numbers and financial information, etc., which can identify the data owner and are complete, accurate, up-to-date and quality personal data will be used only in line with the company’s operating objectives. The company enacts strict security measures and prevents personal data from being used without permission from data owners. The company will report breaches of personal data to data owners immediately when violations occur.


The company collects personal data from various channels. Personal data collected by the company might include the following types:

Data Provided Directly by Customers, Service Users or Stakeholders

  • Personal contact information such as first names, last names, telephone numbers, addresses and email addresses.
  • Identification data such as usernames, passwords, identification numbers or passports.
  • Other personal data such as date/month/year of birth, gender, age, ethnicity, citizenship, religion and photographs.
  • Other data appearing on forms including documents accompanying forms.

Data Used by Customers, Service Users or Stakeholders

  • Computer traffic data (logs) such as IP numbers, dates and times of use, equipment code, equipment type, mobile phone network data, connection data, geographic positioning data, browser type, website entry-exit logging data, referring website data, website history data, login logs and transaction logs.
  • Audio recording data when communications are made to the company or logs of contact details.
  • Data created by analysis and collection of statistics on use of services or systems such as customer behavior, website entry statistics, website access time, searched data, use of website functions and data collected by the company through cookies.

The company stores the aforementioned personal data for objectives in the company’s legal operations and to enhance the company’s operations. The company stores only necessary personal data for operations such as the following:

  • For reports/activities involving the company’s business activities.
  • For the benefit of studies, research and statistics.
  • For development of services, marketing, advertisement, sending newsletters on products and promotions related to the company’s products and services.
  • For improvement, development and enhancement of the company’s operations.
  • For accepting complaints, recommendations, criticisms or for expressing opinions.
  • For contacting data owners via any channels to make inquiries, notifications, examinations and confirm data related to data owners or survey opinions as necessary.
  • For checking data in compliance with the law and associated criteria and rules currently enforced and future revisions or additions.

If personal data collection objectives change afterward, the company will notify or advertise objectives to data owners without hesitation. In collecting the aforementioned personal data, the company is able to collect data only with consent from personal data owners or stakeholders. To facilitate the company’s business operations or perform the company’s duties to customers, the company may disclose personal data to service providers who are third parties, representatives, subsidiaries or associated persons located domestically or abroad for any objective of personal data storage, utilization, disclosure and processing. Furthermore, the company may disclose personal data to government officials or agencies to comply with laws, rules, guidelines, regulations or management systems enforced on the company. The company will require third party agencies to maintain secrecy, safety of personal data and the company forbids the use of the aforementioned personal data for any other objectives than objectives specified by the company. The following examples are examples of third parties to whom the company may disclose personal data:

  • Data import service providers.
  • Consultants, experts, advisors and/or external certified public accountants.
  • Third party service providers such as management service providers or operation service providers involved in the company’s business such as telecommunications, information technology, logistics, product transformation, assembly, installation, publication, postal services or marketing services and sales promotion activities.
  • Associated government officials or agencies.
  • Third parties with whom the company engages in business with the right to use personal data for only operations specified in contracts made with the company. Part of specifications in contracts made by the company with third parties require the aforementioned persons to comply with any laws and policies specified by the company and these persons must use appropriate measures to ensure that your personal data will be protected and safety.

The company will store personal data periodically based on suitability for use with a clearly designated retention period based on type of data. At the end of the aforementioned period, the company will immediately delete the aforementioned personal data.


  • The company affirms its commitment to not using personal data collected from customers, service users or stakeholders for other objectives than lawful objectives or for the company’s business operations.
  • The company will not sell, transfer or disseminate the aforementioned data to outside persons without consent from data owners.
  • The company may disclose personal data if the data is disclosed to the public legally or in compliance with court orders or requests from government agencies for the benefit of investigations by officials pursuant to the law or court case considerations.


Data owners have the following rights:

  • To know, delete, revise or ask to check personal data.
  • To not accept any marketing communication data from the company.
  • To ask the company to send or transfer personal data to other personal data controllers when able to do so automatically. Personal data owners may notify the company of objectives and identification in writing. When the company accepts the aforementioned request, the company will notify existence or details of data to data owners within an appropriate time.

Requests pursuant to the rights of personal data owners will be considered and recorded. The company will consider taking action based on personal data owners’ requests only after the company checked and found no conflicts with any specifications of the law which the company is required to comply with.


To manage personal data safely and appropriately, the company has security and safety measures to prevent unauthorized or unlawful loss, access, use, edition, revision or disclosure of personal data. If personal data is violated with negative effects on personal data owners directly, the company will inform personal data owners of personal data violations as quickly as possible to mitigate damage and investigate the cause in addition to specifying appropriate remedial measures.


The company appointed personal data protection officers with the duty to oversee compliance with this policy. If personal data owners or stakeholders have questions concerning this policy or wish to send petitions under any rights, personal data owners or stakeholders can contact the Customer Center at [email protected] or the company’s website at


The company may modify this policy to be consistent with changes in the company’s operations in response to recommendations or opinions from personal data owners or to make modifications in line with legal requirements. If revisions or changes are made to this policy, the company will announce changes to associated personal data owners clearly before making changes via or the company may send notifications to remind personal data owners directly.


Personal data owners agree and acknowledge that this personal data protection policy is effective on all personal data collected by the company and personal data owners agree for the company to have the right to collect, store, use or disclose personal data collected by the company (if any), including personal data currently collected by the company or personal data to be collected by the company to other persons within the scope specified in this personal data protection policy.


This website uses cookies. Cookies are small text files stored on your device (computer, tablet, smartphone, or another device) to enhance your experience on the website. Websites use cookies for many different purposes, including but not limited to:

  • Get information about the traffic on our website
  • Provide you with essential functionalities of our website
  • Track your browsing behavior
  • Track your engagement with social services
  • Collect information about how users use our website
  • Remember your preferences for our website
  • Personalize content and advertisements

We use cookies according to applicable national and international laws. This cookie declaration aims to inform you about our use of cookies, what types of cookies we use, and why we use them. We are committed to full transparency regarding your privacy while using our website. In the rest of this cookie declaration, you’ll find all the essential information about it. We use the following types of cookies:

  • Essential
  • Analytics
  • Customer Interaction
  • Advertising
  • Social media


We always use the essential cookies. They allow us to provide you with the essential features of our website, such as website navigation or logging in the secured areas. Using them is in your best interest, hence all the applicable personal data protection laws allow us to use them freely. We use the following essential cookies:

__cfduidCloudflareHost: Expires in: 30 Days Type: First party cookieCookie assoiated with sites using CloudFlare, used to speed up page load times. According to CloudFlare it is used to override any security restrictions based on the IP address the visitor is coming from. It does not contain any user identification information.

We use other types of cookies only with your prior explicit consent. If you give us consent to store them on your computer, we do so. If you don’t consent to their use, we don’t use them. It’s that simple. We don’t discriminate users based on consent. The rest of the cookies we use are:


Analytics cookies provide us with information about the traffic and users’ behavior on our website. This includes the number of visitors, number of clicks to pages, and others. Most often, the data these cookies collect is anonymous.

However, in some cases, the data may be related to a pseudonymous identifier that may be related to your device. That may possibly make you identifiable and that’s why we ask you for consent before using analytics cookies.

_gaGoogle AnalyticsExpires in: 1 Year, 11 Months Type: First party cookieThis cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service.
_gat_UA-144310607-1Google AnalyticsHost: Expires in: 1 Minute, 18 Seconds Type: First party cookieThis is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gidGoogle AnalyticsHost: Expires in: 1 Day Type: First party cookieThis cookie name is associated with Google Universal Analytics. This appears to be a new cookie and as of Spring 2017 no information is available from Google


These cookies track your browsing behavior to enable us to show you personalized content and advertisements that are likely to be of interest to you. Depending on your information and only upon your permission, these cookies may group you with other users with similar interests and show you relevant ads and content. For more information on the advertising cookies we use, read our Privacy Policy.

frFacebookHost: Expires in: 2 Months, 29 Days Type: Third party cookieContains browser and user unique ID combinaton, used for targeted advertising.
_fbpFacebookHost: Expires in: 2 Months, 29 Days Type: First party cookieUsed by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers


Your current cookie consent status: Consent Given


You may delete or disable cookies through your browser settings. However, you should keep in mind that deleting or disabling cookies may lead to inconvenience while using our website that would not have happened if you consented to the use of cookies. On the following links, you’ll find information about how to delete or disable cookies from your browser settings:


Secure Privacy is may change this cookie declaration at any time without prior notice. That may happen due to changes in cookie regulations, changes in our website, or another reason. Ensure to check out this cookie declaration regularly to stay updated for any changes.

Subscribe to our newsletter and stay up to date with our latest news and promotions coming straight to you:
Copyright © 2020 Organics Buddy Co., Ltd. All Rights Reserved.