#USER AGREEMENT
Last updated: February 27, 2024
This User Agreement is made between Waan Exchange Company Limited, a Thai juristic person whose head office is located at 1758/4 Sukhumvit Road, Phra Khanong Tai Sub-district, Phra Khanong District, Bangkok 10260, which provides services as a Digital Asset Exchange and Digital Asset Broker, referred to as “Company” and the other party, which is the customer, is referred to as “Customer” and this user agreement is represented by the word “Agreement”. The Company considers that the customer agrees to accept all conditions and agreements, including limitations of liability, as stated below if the customer has recorded a check mark in the topic “I have read and agree to abide by the various conditions” in the registration application process on the company's website.
1. Definition
1.1 SEC Office means the Office of the Securities and Exchange Commission.
1.2 A Digital Asset Exchange means any center or network provided for buying, selling, or exchanging digital assets by matching or finding counterparties, organizing, or facilitating those wishing to trade or exchange digital assets to enter into an agreement or business matching can be made as normal trade.
1.3 A Digital Asset Broker means a person who provides services or represents to the general public that he or she is ready to provide services as a broker or agent. To buy, sell, or exchange digital assets for other people in the normal course of business and receive a fee or other compensation.
1.4 Cryptocurrency means an electronic data unit that is created on an electronic system or network with the intention of being used as a medium of exchange to obtain goods, services, or any other rights or exchange between digital assets and includes other electronic data units that are additionally specified by the SEC.
1.5 A Digital Token means an electronic data unit that is created on an electronic system or network with the purpose of determining the right of a person to participate in investing in any project or business or determining the right to acquire goods, services, or other specific rights. This is as specified in the agreement between the issuer and the holder and includes other electronic data units that the SEC has additionally specified. The SEC has issued an announcement specifying that the crypto token currency that the issuer intends to raise funds from citizens and the rights of individuals to participate in investing in any project or business or the rights to acquire goods or services or any other rights are specified. They are also considered digital tokens.
1.6 A customer means a natural person aged 20 years or older and a juristic person who wishes to transact with the company and completely registers a user account through the website.
1.7 Website means the website that the company specifies for customers to use to register user accounts and conduct transactions with the company, namely www.waanx.com or other websites that the company later determines and has announced to inform customers.
2. Creating an account on the website
The company requires customers to create their own user accounts on the website for themselves, to be the true beneficiary owner, to create only one account, and to truthfully record their own essential information to be accurate and complete as specified by the company. When the customer creates a user account, they must comply with the following criteria:
(1) Once the customer has specified a username and password, the customer must keep the password secret so that it is not lost or in the possession of another person. If lost, the customer must notify the company immediately so that the company can cancel and have the customer set a new code. However, the customer must be responsible for all damage to the company caused by the customer's use of the said code during the loss until the company cancels the said code.
(2) The customer must not give, reveal, or do anything else to let others know the username and password. If anyone else uses the said password for any reason, the customer agrees to be the one who is responsible for all damages to the company caused by the customer's use of the said password. This is the customer's own action and will not dispute the denial of any responsibility to the company.
(3) The customer should be required to change their passwords regularly, at least once every three months. The company will send an email to all customers on a quarterly basis to prevent random passwords from being randomly generated. The customer is requested to notify the company immediately if it finds or suspects that information related to customers or user accounts may have been compromised by notifying the operations staff via the chat box.
3. Account Usage Scope
3.1 The customer is solely responsible for all actions taken under his or her account throughout the use of the website.
3.2 The customer must not use any device or program, or any other method not authorized by the Company to enter the Company's system or website.
3.3 The customer must not attempt to circumvent any data or content screening process established by the company in order to access services or service areas that the customer does not have access to.
3.4 The customer must not do anything that violates laws, contracts, intellectual property, and various rights of third parties or commit acts that are likely to violate the rights of others, including not violating or against any rules, conditions, announcements of the company when accessing or using the website.
3.5 The customer must not use the website for any purpose that intentionally interferes with the system, disrupts, disturbs, damages, destroys, or has negative results. or inhibit other users from fully using the website, or behavior that may cause damage, make the system unusable, increase the burden, or disrupt the operation of the website in all cases.
3.6 The customer may not use the company's website to pay for, support, or display any behavior that is intended to be used for illegal gambling, fraud, money laundering, terrorism, or any other illegal activity such as pyramid marketing, Ponzi schemes, cash gifting businesses, money donation businesses, informal borrowing businesses, etc.
3.7 The customer must not spread rumors, fake news, or false or inaccurate information that may cause misunderstandings.
3.8 The customer must not invite or encourage other customers, other persons, or persons related to the company to commit illegal acts or violate the principles, rules, and regulations of the company.
4. The Use of Digital Asset Wallet
4.1 The customer must receive, send, and store digital assets via the trading platform on website by client themselves only.
4.2 The company will provide the digital asset wallet service only to the digital assets listed on the company's designated list. If there is a change in the list of names, the company will announce it to customers in advance on the website.
4.3 In the case that the customer's digital assets are not on the list of names that the company recently announced, the company will notify the customer via the email that the customer has provided to the company for no less than 60 days and will also set a time period for the customer to withdraw digital assets to other service providers. However, if the customer does not withdraw the digital assets within the specified period, the company will keep them for the benefit of the customer and charge a storage fee. The company will announce the asset storage fee on the company website and deduct it from the customer's deposit account with the company or debit the digital assets in an amount equal to the fee. However, the said fee is paid before the service is provided within a period of one year.
5. Risk from digital assets
The customer understands and accepts that trading digital assets is risky because the value and returns from trading digital assets can fluctuate depending on the price level of the invested asset, the liquidity of the asset, or investment conditions. In general, which may fluctuate due to events that cannot be known in advance, therefore, the customer may not receive the investment and benefits back equal to the amount invested. The customer understands and accepts that there may be other risks. The customer must carefully consider the decision to trade digital assets in accordance with the level of return and risk that the customer accepts and will be responsible for all damages resulting from various risks by the customer themselves.
6. Buying, selling, and exchanging digital assets
6.1 The customer can place buy or sell orders 24 hours a day. Before sending an order, the customer must have sufficient funds to cover the order. The customer must only have a sufficient amount of digital assets to complete the sales order.
6.2 Customers can view the status of all their trading transactions 24 hours a day.
6.3 The company has the right to prohibit or cancel any buy or sell orders that are considered to have the intent to cause digital assets or overall trading conditions to change or not change, which is inconsistent with the normal conditions of this digital asset trading center in the following manner:
(1) Buy or sell orders that the company deems inappropriate, such as orders in the form of matching trades with one another (wash sale / matched order), orders in the form of pushing, guiding prices, or orders in the form of inserting and withdrawing. Price support orders (such as split orders) and offers to buy or sell at a price at which a trade is unlikely to occur.
(2) Orders that exceed the cash the customer holds with the company or sales orders that exceed the digital assets the customer holds with the company.
(3) Any other actions that may violate the law or regulations of relevant agencies.
6.4 The customer certifies that the customer is well aware of the rules, conditions, and methods regarding the trading of digital assets via the internet or other electronic systems and accepts the risks that may occur in connection with trading digital assets through such methods in accordance with this agreement.
7. Customer’s Asset Keeping
7.1 The company will keep the customer's asset safe. Such assets shall be separated in the company's books so that they can be clearly identified as the customer's assets without any doubt, and the following actions will be taken:
(1) The company separates and keeps assets in the form of money at commercial banks or invests them under the framework of the law by clearly specifying in the deposit or investment account that it is operated by the company for the benefit of its customers (customer accounts).
(2) Digital asset will be stored by the company at a digital asset custodian (DA Custodian Wallet Provider) that has the qualifications as specified by the SEC Office and is done in a manner that can specifically identify such assets. It is the asset of any customer without any reason to suspect it.
7.2 The company provides monthly asset report to customers, where they can view assets and personal information 24 hours a day, 7 days a week for 1 year and 6 months backwards. However, if the customer requires the monthly asset report over such period, they can notify the company to send the asset report to them by requesting via the company website.
7.3 The customer agrees that the company will keep the customer's assets for the purpose of preservation, for trading or exchanging assets, or for any other benefit within the limits specified by law.
7.4 The customer acknowledges and agrees that the withdrawal of assets must be notified in advance according to the form and method specified by the company.
7.5 The customer acknowledges and agrees that the company will not pay and has no duty to pay interest to customers as a result of customers keeping Thai Baht in the Baht wallet that the company provides to customers. If there are any changes, the company will notify customers through the company's service platform or email.
7.6 The customer acknowledges and agrees that the company has no policy to pay interest rates or benefits from the customer’s digital assets that the company keeps or stores with third party digital asset custodians (Third Party Custodian).
However, if there is an airdrop or fork which may affect the value, functionality, and details of digital assets that customers deposit with the company. The company will announce or notify about the Airdrop or Fork at least 7 days in advance and will notify the customers who do not withdraw the said digital assets that they may not receive an airdrop or receive benefits from the fork.
7.7 The company agrees to take full responsibility for the customer's assets in the event that the customer's asset is lost or damaged due to the company's negligence in performing its duties.
7.8 In the event that the company encounters financial problems, customer funds kept with the company will not be protected according to the law of the Deposit Protection Agency.
7.9 In the event that the company plans to delist any digital assets (Delisting) from the company's trading system. The company will notify users of the incident for no less than 60 days, except in the case of urgent necessity that may cause damage to investors. However, once the company has notified the incident, users are responsible for transferring the delisted digital assets from the company's system within the said period. Otherwise, the company reserves the right to collect a fee from the deposit of digital assets. The deposit fee rate will be announced by the company to users on public channels.
8. Digital asset brokerage
8.1 Assigning the company to be a digital asset broker
8.1.1 The customer agrees to appoint the company to be the customer's broker in buying, selling, transferring, accepting transfers, and/or exercising rights in all types of digital assets traded in various digital asset trading centers that are partners with the company in the amount and price as ordered by customers throughout receiving, delivering, and holding said digital assets.
8.1.2 The customer must pay and/or the company has the right to claim the purchase price of digital assets, fees, service fees, taxes, brokerage commissions, and other expenses related to trading. and/or sell and transfer digital assets and receive payment for the sale of digital assets or any other rights arising from digital assets, including various tax deductions submitted to the Revenue Department (if any).
8.2 Placing orders
8.2.1 Pending orders, displayed on the company's website, combines the bid and offer price data of other digital asset exchange from the company’s partners with the bid and sell price data of the company's digital asset exchange. The system will arrange orders in order of the best price and time (Price then Time Priority), regardless of which digital asset trading center the order comes from. And the principles are:
(1) The order with the highest bid will be placed first, and if a higher bid is resubmitted, the higher bid will be placed first, and if there is more than one bid at each price, they shall be arranged according to time, with the bid appearing first in the trading system being classified as the bid first.
(2) Sell orders with the lowest ask price will be placed first, and if a lower ask price is resubmitted, the lower ask price will be placed first. If there is more than one offering at each price, they are sorted chronologically, with the offering appearing first in the trading system being prioritized.
8.2.2 When a customer orders a digital asset to sell, if the order can be matched immediately, the system will match it. If the order cannot be matched, the system will arrange the order according to the principles. Price, then time priority, as mentioned above, to wait for the next order to be matched.
8.3 Payment and delivery of assets
When a customer's digital asset trading order is matched, the system will update the customer's cash and digital asset balance in the trading account for withdrawals of the trading assets. The customer must withdraw or transfer such assets according to the form and method specified by the company, which the company will announce to the customer via the company's website.
At the initial stage, the company has set the processing time for withdrawing assets as follows:
Digital assets Within 2 business days from the date the customer makes a digital asset withdrawal transaction.
Fiat If the withdrawal amount does not exceed 2 million baht
within 24 hours of the customer's submitting withdrawal order
If the withdrawal amount exceeds 2 million baht within
24 hours of the completion of the approval and verification process,
8.4 Information Disclosure
In the case that the company sends trading orders to another digital asset exchange that is a partner only with the company, the company will disclose the relationship between the company and that digital asset exchange in terms of affiliation (such as affiliated companies), referral agreements, and kickbacks, which will be announced on the company's website for customer decision-making before starting to use the service.
9. Service Fee
The company announces digital asset trading fee rates and other fees on the website in full. Customers can have a look at it at any time. If there are any changes, the company will notify customers via the website and electronic mail (email address) that customers use to register.
10. Tax
. The customer agrees to acknowledge the taxes including but not limited to VAT, withholding tax, taxes on profits generated from trading digital assets, taxes that may occur in the future such as taxes that have been collected retroactively and any other taxes related to the customer or customer transactions. Customers must be responsible by themselves. The Company is only a facilitator to provide information or documents (if any) for the tax payment by customers to the Revenue Department or other relevant government agencies to be convenient, accurate, and complete.
11. Liability for damage
The company will not be responsible for any damages in this case.
11.1 The actions of the customer are understandable or understandable to be done by the customer themselves, including but not limited to accessing the company's services, including:
(1) Incorrect account number or other information for the account to which funds will be transferred (or from the account from which funds will be withdrawn) according to the customer's instructions.
(2) Providing incorrect cryptocurrency addresses or information for cryptocurrency transfers or withdrawals (including depositing cryptocurrency with customers)
(3) Sending unacceptable cryptocurrencies or tokens to customer accounts
11.2 Force majeure events that cannot be controlled, such as natural disasters, protests, terrorism, and the occurrence of war, whether within or outside the country, include cyber warfare, defects or damage to electrical or telecommunications systems, laws or various rules that will be established in the future, etc.
11.3 Any other event, direct or indirect, that is beyond the reasonable control of the company's business operations, unless the damage to customers is proven to be from the company, directors, executives, or personnel not conducting business or not performing their duties properly, according to the announcement of the SEC Office No. Kor.Thor 19/2561 subject: rules, conditions, and methods for conducting digital asset business and other related announcements, including various announcements from government agencies that oversee the company's business operations.
12. Prevention of money laundering
The company is under Anti-Money Laundering Act and the Anti-Money Laundering Act and the Anti-Terrorism Financing and Proliferation of Weapons of Mass Destruction Act in order to ensure that the Company's operations are in accordance with the aforementioned Acts. Therefore, customers are required to do the following:
12.1 The customer acknowledges and agrees to provide sufficient information and related documents, or additional requests later as determined by the company so that the company can consider that the customer is the same person as the evidence presented and examined to know the customer's facts correctly, including the actual reasons for the transaction.
12.2 The customer must not be involved with or be the person who invites or supports other people, whether directly or indirectly; all or only some of the transactions may be considered violations of the Act mentioned above.
12.3 If the customer knows or finds that other customers or persons related to the company are involved in violating the above Act, the customer must notify the company immediately.
13. Suspension or refusal of transactions
13.1 The company has the right to refuse to establish a relationship (open an account), temporarily suspend, limit, or terminate access to all or part of the service, and/or close or cancel the customer's user account in various cases, such as:
13.1.1 The customer has behavior that affects their rights and freedoms or is threatened or intimidated, whether it happens to the company, employees, partners, other customers, or any person who has a relationship with the company.
13.1.2 There is use of an account that may be considered to be in violation of the rules and regulations, company regulations, or government agencies that regulate the company, or transactions that may be considered illegal.
13.1.3 The customer violates any policy or order that the company notifies the customer of from time to time.
13.1.4 The Customer does not comply with this Agreement or any future changes to which the Customer has accepted.
13.2 If the company temporarily suspends or closes the customer's user account or terminates the use of the company's services for any reason, the company will notify the customer of such action unless there is a court order or legal process prohibiting the company from notifying the customer. The customer acknowledges that the company's decision to take any specified action may be made under confidentiality rules. This is necessary for risk management and other company security policies. The company has agreed not to disclose details of its risk management and security procedures to customers.
13.3 If the company temporarily suspends or closes the customer's user account or terminates your use of the company's services for any reason, (This is in accordance with this agreement.) the company reserves the right to require the customer to go through an identity verification process before the customer can transfer or withdraw any digital assets or legal currency from the Digital Asset Wallet or Baht Wallet.
13.4 The customer may terminate the customer's account at any time by submitting the request to the company and withdrawing the entire amount of both Thai Baht and digital assets. The customer will not be charged any fees for terminating the account, However, the customer will not be released from any liability or responsibility for paying any outstanding payments to the company (if any). After the termination process is completed, the customer cannot open an account with the company again.
13.5 The Customer authorizes the Company to cancel and suspend any transactions in progress while providing notice of termination of the Customer's User Account.
14. Accepting complaints
14.1 The company have informed the customer of the complaint channel via the company website. However, the customer is required to give the company personal data and important facts for the company to resolve the complaint. The company reserves the right to request more information or documents from the customer. The company will ensure that all information obtained during this procedure is kept confidential and is not disclosed to any irrelevant individuals. The processing of data throughout this process will adhere to the company's privacy policy.
14.2 The company will find a resolution to the complaint and report the results to the complainant and the office of the SEC without delay. However, if the resolution that the company has determined is not satisfactory to the complainant, complainants can file a complaint with the SEC, which is another company regulatory agency. The company will provide channels for filing complaints with the SEC on the company's website as well.
15. Other agreements
15.1 Notice
15.1.1 All letters or any documents that the company sends to customers, regardless of whether they are sent through just one channel, include addresses listed in household registration. Current address, work address, electronic mail address (email address) or other addresses that the customer has provided information to the company. The customer agrees that he has received the document completely and correctly without raising objections or denying receipt of such documents.
15.1.2 If this agreement is drawn up in a language other than Thai, if there is any dispute between the language translations, the Thai version of this agreement will be final and have effect according to the laws of Thailand.
15.2 Additional amendments
15.2.1 The Company may, at its sole discretion and without prior notice, amend or modify this agreement. The company will take into account the interests of its customers and will publish the amendments through the company's website. Such changes will become effective upon acceptance by the customer, and the customer agrees to strictly abide by the conditions set by the company.
15.2.2 If the customer does not agree and consent to any amendments, the customer has the right to cancel the use of the company's services and close the user account.
15.2.3 The customer agrees that the company will not be liable to the customer or any third party for any temporarily suspend, limit, or terminate access to all or part of the service, and/or close or cancel the customer's user account, as a result of the customer committing anything that violates this agreement.
In this regard, this service agreement is determined to be effective from 27 February 2024.
#PRIVACY POLICY
Last updated: January 02, 2024
The company recognizes the importance of collecting, using, and/or disclosing ("processing") your personal information when accessing or using our services. Therefore, we have established this privacy policy to inform you of the purposes and details of how we collect, use, and disclose your personal information. The company will take strict measures to ensure security and prevent unauthorized use of your information. Visitors can browse the company's website for information about digital assets, other services, check service rates, and retrieve relevant company information without providing any personal information unless they wish to register for our services.
Purpose of Data Collection
Information related to customers or any individuals will only be used for lawful purposes in conducting the company's operations. Customer data will not be processed unless the company has communicated its intended purpose. The company will only collect as much personal data as necessary, either directly from you when registering on our website or from other reliable sources, in a lawful and appropriate manner.
The company will only collect, use, and/or disclose your personal information as necessary under the company's lawful purposes. This includes collecting, using, and/or disclosing personal information for contract performance where you are a party, complying with legal obligations, for legitimate interests, based on your consent, and/or other legal bases. The purposes of collecting, using, and/or disclosing personal information according to this policy are as follows:
Purposes Relying on Consent
In the event that you have provided your consent to our company for the collection, use, and/or disclosure of your personal information, we will process your personal data for the following purposes:
1. Collection, use, and/or disclosure of sensitive personal data that the company cannot rely on other legal bases, other than explicitly seeking consent. The purposes include:
(1) Information related to religion and ethnicity (Such information is derived from copies of identification cards or copies of passports from certain countries that the company must use solely for verification and identity confirmation purposes).
(2) Biometric data for signature verification, personal identification, and the company's electronic Know Your Customer (e-KYC) services.
2. Marketing activities, product offers, and/or service promotions, exclusive rights to participate in events organized by the company or its business partners, including receiving news, useful suggestions, and suitable promotions. It also involves the use of data for analysis, research, and/or statistical compilation, as well as the development and enhancement of the company's products and/or services. If you do not provide consent in this regard, you might miss out on news updates and benefits you could have otherwise received.
For purposes based on legal grounds other than consent
The company will collect, use, and/or disclose your personal data according to legal provisions necessary for the company's lawful objectives. This could be for contract execution where you are a party, meeting legal obligations, deriving lawful benefits, and/or actions under alternative legal bases. The data processing purposes might include:
- Verifying information/document accuracy, identity authentication, such as through the "Know-Your-Customer" (KYC) and customer due diligence (CDD) processes, cross-referencing the Sanction List mandated by law enforcement or public organizations, checking for property confiscation or bankruptcy, and assessing customer risk.
- Offering advice, recommendations, and/or related product and/or service information, as well as customer engagement for convenient service and/or product application.
- Executing orders to fulfill the customer's transactional objectives, such as depositing, withdrawing, transferring, exchanging assets, verifying, confirming, and updating transaction records.
- Addressing complaints, resolving issues, and processing to customer requests.
- Conducting marketing initiatives not requiring your legal consent, such as showcasing products /services and/or highlighting special privileges, relaying your entitlements, engaging when service registration has not yet been completed, assisting in the registration of similar services, evaluating customer groups for event invitations, or tailoring sales promotions.
- The company's other activities such as analysis, research, market research, compiling statistical data, financial data analysis, and/or preparing reports for internal use. This also includes management, risk management, internal company audits, upholding lawful interests, establishing customer databases, and storing data in systems or databases. It also covers any other objectives that the company can lawfully undertake.
Personal Data to be Collected
The company collects your personal data directly from you or from other sources as specified by law to align with the company's legal basis mentioned earlier. The personal data that the company collects may include:
- General personal information, such as name-surname, address, contact channels, date of birth, nationality, country of residence, KYC and CDD details, shareholding proportions, and/or data from documents or other information to verify occupation, income, or business operations. Financial data and transactions, such as transaction history including purchases, sales, exchanges, transfers, asset account numbers, asset quantities, deposit amounts, and transaction channels, etc.
- Technical information or tools, like computer identification numbers (such as IP or MAC addresses), device identification codes (Device ID), logs, and other technical data from platform and operating system usage, etc.
- Other information, for example, records of communication or interactions between you and the company, complaints, or requests for various rights submitted by customers to the company.
Data Disclosure
The company will not allow the disclosure of any information, except to employees who have been granted permission, or to other individuals who have been authorized by the customer to access the data for performing tasks as prescribed by law. The company also prevents unauthorized use of customer information. However, the company may disclose your information based on its legal foundation to individuals or entities as follows:
- Partners, company representatives, subcontractors, or external service providers to conduct business on behalf of the company or to support the provision of the company’s products and/or services as specified by law. This includes legal enforcement agencies, regulatory bodies overseeing the company, and consultants/experts such as auditors and external inspectors.
- Other authorized individuals involved in maintaining, repairing, modifying, or upgrading the company's transaction systems. The company ensures confidentiality agreements are in place, binding them to the applicable laws.
- With your consent, the company may disclose information to any individual or entity to achieve the objectives that have been communicated to you.
- Other third parties, such as individuals with whom you have a contractual or transactional relationship, users of the company's e-KYC services, etc.
Use of Cookies and/or Similar Technologies
The company may collect and use cookies and/or other similar technologies when you access and use the company's website and/or applications, including conducting transactions, using products, and/or services of the company through digital channels and the internet network. To learn more about the collection and use of cookies or other similar technologies, you can refer to the company's "Cookies Policy" at www.waanx.com
Data Retention
The company will collect and store personal data for a period that can be reasonably expected based on standard data collection practices. Personal data is retained either for the period mandated by law, throughout the duration required by a contract, or any other legally justified basis. Once the retention period for the personal data expires, the company will immediately delete or destroy said data.
Details on Transferring or Sending Personal Data Abroad
The company may transfer your personal data to foreign countries at your request or in order to fulfill the company's legitimate objectives. The company will send or transfer personal data to destination countries or international organizations that maintain adequate personal data protection standards. Alternatively, data may be transferred abroad under other conditions as prescribed by law. The company ensures that appropriate measures are in place to safeguard your rights as the data owner, including effective legal remedies.
Your Rights under the Personal Data Protection Act, B.E. 2562 (2019)
The Personal Data Protection Act, B.E. 2562 (2019) defines various rights of personal data owners. These rights will come into effect once the provisions of the law regarding these rights are enforced. The details of these rights include:
1) Right to Access Personal Data: You have the right to access, obtain copies, and request the disclosure of the origins of your personal data stored by the company without your consent. This is unless the company has the right to refuse your request based on legal reasons, court orders, or in cases where exercising your rights may adversely affect the rights and freedoms of others.
2) Right to request the correction of personal information to ensure it is accurate, complete, and up-to-date: If you find that your personal information is incorrect, incomplete, or outdated, you have the right to request a correction to make it accurate, current, complete, and to prevent misunderstandings.
3) Right to Erase or Destroy Personal Data: You have the right to request the company to erase or destroy your personal data or to make your personal data unidentifiable in the future. This right to erase or destroy personal data is subject to conditions as stipulated by the law.
4) Right to request a suspension of the use of personal information: You have the right to request a suspension of the use of your personal information under the following circumstances:
a) During the period the company is reviewing your request to correct personal information to ensure it is accurate, complete, and up-to-date.
b) When the personal information has been collected, used, or disclosed unlawfully.
c) When the retention of the personal data of the data subject is no longer necessary according to the purposes informed by the company during its collection, but the data subject wishes the company to retain that data for the exercise of legal rights.
d) During the period the company is verifying the lawful grounds for collecting the personal information or checking the necessity of collecting, using, or disclosing personal information for public benefit, resulting from the data subject's objection to the collection, use, or disclosure of personal data.
5) Right to object to the processing of personal information: You have the right to object to the collection, use, or disclosure of your personal information.
6) Right to withdraw consent: In the event that you have given your consent to the company for the collection, use, or disclosure of your personal information, you have the right to withdraw that consent at any time throughout the period your personal information is retained by the company, unless there are legal limitations which necessitate the company to continue holding the data.
7) Right to access, transfer, or transmit personal information: You have the right to request your personal data from the company in a format that is generally readable or usable by automated devices, and to use or disclose personal information automatically. You may also request the company to send or transfer such data to another data controller, provided that this right is exercised under the conditions defined by law.
You, as the owner of personal data, have the above rights subject to conditions and exceptions as set forth by the law. Specifically, in cases where the collection, use, or disclosure of your personal data is carried out to fulfill legal obligations of the company, your rights may in some instances be limited by the law.
You can submit a request to exercise your rights to the company. The company will consider and respond to your request or deny it, notifying you of the result within 30 days from the day the company receives a complete request document as defined by the company's conditions.
In cases where the company has an unavoidable necessity that requires more than 30 days to consider your rights request, the company will promptly notify you of the reasons for such delay. If the company decides to deny your rights request, the company will inform you of the denial along with its reasons. Should you have doubts about the denial, you can inquire with the company.
Contact for Inquiries or Exercising Rights
If you have any questions, suggestions, or concerns about the company's collection, use, and disclosure of personal data, or about this policy, or if you wish to exercise your rights under the personal data protection law, you can contact:
Data Protection Officer
- Contact: Data Protection Officer
- Address: 1758/4 Sukhumvit Road, Phra Khanong Tai Sub-district, Phra Khanong District, Bangkok 10260
- Contact channels: Email: dpo@waanx.com
Amendments and Changes to the Personal Data Protection Policy
The company may occasionally modify this privacy policy to align with any changes related to the processing of your personal data and to comply with any updates in the personal data protection laws or other relevant regulations. The company will inform you of any significant modifications by disclosing them on our website or through other appropriate channels, such as sending them to your email address.
This personal data protection policy is effective from the date: 2nd January, 2024.
Last updated: February 27, 2024
USER AGREEMENT
This User Agreement is made between Waan Exchange Company Limited, a Thai juristic person whose head office is located at 1758/4 Sukhumvit Road, Phra Khanong Tai Sub-district, Phra Khanong District, Bangkok 10260, which provides services as a Digital Asset Exchange and Digital Asset Broker, referred to as “Company” and the other party, which is the customer, is referred to as “Customer” and this user agreement is represented by the word “Agreement”. The Company considers that the customer agrees to accept all conditions and agreements, including limitations of liability, as stated below if the customer has recorded a check mark in the topic “I have read and agree to abide by the various conditions” in the registration application process on the company's website.
1. Definition
1.1 SEC Office means the Office of the Securities and Exchange Commission.
1.2 A Digital Asset Exchange means any center or network provided for buying, selling, or exchanging digital assets by matching or finding counterparties, organizing, or facilitating those wishing to trade or exchange digital assets to enter into an agreement or business matching can be made as normal trade.
1.3 A Digital Asset Broker means a person who provides services or represents to the general public that he or she is ready to provide services as a broker or agent. To buy, sell, or exchange digital assets for other people in the normal course of business and receive a fee or other compensation.
1.4 Cryptocurrency means an electronic data unit that is created on an electronic system or network with the intention of being used as a medium of exchange to obtain goods, services, or any other rights or exchange between digital assets and includes other electronic data units that are additionally specified by the SEC.
1.5 A Digital Token means an electronic data unit that is created on an electronic system or network with the purpose of determining the right of a person to participate in investing in any project or business or determining the right to acquire goods, services, or other specific rights. This is as specified in the agreement between the issuer and the holder and includes other electronic data units that the SEC has additionally specified. The SEC has issued an announcement specifying that the crypto token currency that the issuer intends to raise funds from citizens and the rights of individuals to participate in investing in any project or business or the rights to acquire goods or services or any other rights are specified. They are also considered digital tokens.
1.6 A customer means a natural person aged 20 years or older and a juristic person who wishes to transact with the company and completely registers a user account through the website.
1.7 Website means the website that the company specifies for customers to use to register user accounts and conduct transactions with the company, namely www.waanx.com or other websites that the company later determines and has announced to inform customers.
2. Creating an account on the website
The company requires customers to create their own user accounts on the website for themselves, to be the true beneficiary owner, to create only one account, and to truthfully record their own essential information to be accurate and complete as specified by the company. When the customer creates a user account, they must comply with the following criteria:
(1) Once the customer has specified a username and password, the customer must keep the password secret so that it is not lost or in the possession of another person. If lost, the customer must notify the company immediately so that the company can cancel and have the customer set a new code. However, the customer must be responsible for all damage to the company caused by the customer's use of the said code during the loss until the company cancels the said code.
(2) The customer must not give, reveal, or do anything else to let others know the username and password. If anyone else uses the said password for any reason, the customer agrees to be the one who is responsible for all damages to the company caused by the customer's use of the said password. This is the customer's own action and will not dispute the denial of any responsibility to the company.
(3) The customer should be required to change their passwords regularly, at least once every three months. The company will send an email to all customers on a quarterly basis to prevent random passwords from being randomly generated. The customer is requested to notify the company immediately if it finds or suspects that information related to customers or user accounts may have been compromised by notifying the operations staff via the chat box.
3. Account Usage Scope
3.1 The customer is solely responsible for all actions taken under his or her account throughout the use of the website.
3.2 The customer must not use any device or program, or any other method not authorized by the Company to enter the Company's system or website.
3.3 The customer must not attempt to circumvent any data or content screening process established by the company in order to access services or service areas that the customer does not have access to.
3.4 The customer must not do anything that violates laws, contracts, intellectual property, and various rights of third parties or commit acts that are likely to violate the rights of others, including not violating or against any rules, conditions, announcements of the company when accessing or using the website.
3.5 The customer must not use the website for any purpose that intentionally interferes with the system, disrupts, disturbs, damages, destroys, or has negative results. or inhibit other users from fully using the website, or behavior that may cause damage, make the system unusable, increase the burden, or disrupt the operation of the website in all cases.
3.6 The customer may not use the company's website to pay for, support, or display any behavior that is intended to be used for illegal gambling, fraud, money laundering, terrorism, or any other illegal activity such as pyramid marketing, Ponzi schemes, cash gifting businesses, money donation businesses, informal borrowing businesses, etc.
3.7 The customer must not spread rumors, fake news, or false or inaccurate information that may cause misunderstandings.
3.8 The customer must not invite or encourage other customers, other persons, or persons related to the company to commit illegal acts or violate the principles, rules, and regulations of the company.
4. The Use of Digital Asset Wallet
4.1 The customer must receive, send, and store digital assets via the trading platform on website by client themselves only.
4.2 The company will provide the digital asset wallet service only to the digital assets listed on the company's designated list. If there is a change in the list of names, the company will announce it to customers in advance on the website.
4.3 In the case that the customer's digital assets are not on the list of names that the company recently announced, the company will notify the customer via the email that the customer has provided to the company for no less than 60 days and will also set a time period for the customer to withdraw digital assets to other service providers. However, if the customer does not withdraw the digital assets within the specified period, the company will keep them for the benefit of the customer and charge a storage fee. The company will announce the asset storage fee on the company website and deduct it from the customer's deposit account with the company or debit the digital assets in an amount equal to the fee. However, the said fee is paid before the service is provided within a period of one year.
5. Risk from digital assets
The customer understands and accepts that trading digital assets is risky because the value and returns from trading digital assets can fluctuate depending on the price level of the invested asset, the liquidity of the asset, or investment conditions. In general, which may fluctuate due to events that cannot be known in advance, therefore, the customer may not receive the investment and benefits back equal to the amount invested. The customer understands and accepts that there may be other risks. The customer must carefully consider the decision to trade digital assets in accordance with the level of return and risk that the customer accepts and will be responsible for all damages resulting from various risks by the customer themselves.
6. Buying, selling, and exchanging digital assets
6.1 The customer can place buy or sell orders 24 hours a day. Before sending an order, the customer must have sufficient funds to cover the order. The customer must only have a sufficient amount of digital assets to complete the sales order.
6.2 Customers can view the status of all their trading transactions 24 hours a day.
6.3 The company has the right to prohibit or cancel any buy or sell orders that are considered to have the intent to cause digital assets or overall trading conditions to change or not change, which is inconsistent with the normal conditions of this digital asset trading center in the following manner:
(1) Buy or sell orders that the company deems inappropriate, such as orders in the form of matching trades with one another (wash sale / matched order), orders in the form of pushing, guiding prices, or orders in the form of inserting and withdrawing. Price support orders (such as split orders) and offers to buy or sell at a price at which a trade is unlikely to occur.
(2) Orders that exceed the cash the customer holds with the company or sales orders that exceed the digital assets the customer holds with the company.
(3) Any other actions that may violate the law or regulations of relevant agencies.
6.4 The customer certifies that the customer is well aware of the rules, conditions, and methods regarding the trading of digital assets via the internet or other electronic systems and accepts the risks that may occur in connection with trading digital assets through such methods in accordance with this agreement.
7. Customer’s Asset Keeping
7.1 The company will keep the customer's asset safe. Such assets shall be separated in the company's books so that they can be clearly identified as the customer's assets without any doubt, and the following actions will be taken:
(1) The company separates and keeps assets in the form of money at commercial banks or invests them under the framework of the law by clearly specifying in the deposit or investment account that it is operated by the company for the benefit of its customers (customer accounts).
(2) Digital asset will be stored by the company at a digital asset custodian (DA Custodian Wallet Provider) that has the qualifications as specified by the SEC Office and is done in a manner that can specifically identify such assets. It is the asset of any customer without any reason to suspect it.
7.2 The company provides monthly asset report to customers, where they can view assets and personal information 24 hours a day, 7 days a week for 1 year and 6 months backwards. However, if the customer requires the monthly asset report over such period, they can notify the company to send the asset report to them by requesting via the company website.
7.3 The customer agrees that the company will keep the customer's assets for the purpose of preservation, for trading or exchanging assets, or for any other benefit within the limits specified by law.
7.4 The customer acknowledges and agrees that the withdrawal of assets must be notified in advance according to the form and method specified by the company.
7.5 The customer acknowledges and agrees that the company will not pay and has no duty to pay interest to customers as a result of customers keeping Thai Baht in the Baht wallet that the company provides to customers. If there are any changes, the company will notify customers through the company's service platform or email.
7.6 The customer acknowledges and agrees that the company has no policy to pay interest rates or benefits from the customer’s digital assets that the company keeps or stores with third party digital asset custodians (Third Party Custodian).
However, if there is an airdrop or fork which may affect the value, functionality, and details of digital assets that customers deposit with the company. The company will announce or notify about the Airdrop or Fork at least 7 days in advance and will notify the customers who do not withdraw the said digital assets that they may not receive an airdrop or receive benefits from the fork.
7.7 The company agrees to take full responsibility for the customer's assets in the event that the customer's asset is lost or damaged due to the company's negligence in performing its duties.
7.8 In the event that the company encounters financial problems, customer funds kept with the company will not be protected according to the law of the Deposit Protection Agency.
7.9 In the event that the company plans to delist any digital assets (Delisting) from the company's trading system. The company will notify users of the incident for no less than 60 days, except in the case of urgent necessity that may cause damage to investors. However, once the company has notified the incident, users are responsible for transferring the delisted digital assets from the company's system within the said period. Otherwise, the company reserves the right to collect a fee from the deposit of digital assets. The deposit fee rate will be announced by the company to users on public channels.
8. Digital asset brokerage
8.1 Assigning the company to be a digital asset broker
8.1.1 The customer agrees to appoint the company to be the customer's broker in buying, selling, transferring, accepting transfers, and/or exercising rights in all types of digital assets traded in various digital asset trading centers that are partners with the company in the amount and price as ordered by customers throughout receiving, delivering, and holding said digital assets.
8.1.2 The customer must pay and/or the company has the right to claim the purchase price of digital assets, fees, service fees, taxes, brokerage commissions, and other expenses related to trading. and/or sell and transfer digital assets and receive payment for the sale of digital assets or any other rights arising from digital assets, including various tax deductions submitted to the Revenue Department (if any).
8.2 Placing orders
8.2.1 Pending orders, displayed on the company's website, combines the bid and offer price data of other digital asset exchange from the company’s partners with the bid and sell price data of the company's digital asset exchange. The system will arrange orders in order of the best price and time (Price then Time Priority), regardless of which digital asset trading center the order comes from. And the principles are:
(1) The order with the highest bid will be placed first, and if a higher bid is resubmitted, the higher bid will be placed first, and if there is more than one bid at each price, they shall be arranged according to time, with the bid appearing first in the trading system being classified as the bid first.
(2) Sell orders with the lowest ask price will be placed first, and if a lower ask price is resubmitted, the lower ask price will be placed first. If there is more than one offering at each price, they are sorted chronologically, with the offering appearing first in the trading system being prioritized.
8.2.2 When a customer orders a digital asset to sell, if the order can be matched immediately, the system will match it. If the order cannot be matched, the system will arrange the order according to the principles. Price, then time priority, as mentioned above, to wait for the next order to be matched.
8.3 Payment and delivery of assets
When a customer's digital asset trading order is matched, the system will update the customer's cash and digital asset balance in the trading account for withdrawals of the trading assets. The customer must withdraw or transfer such assets according to the form and method specified by the company, which the company will announce to the customer via the company's website.
At the initial stage, the company has set the processing time for withdrawing assets as follows:
Digital assets Within 2 business days from the date the customer makes a digital asset withdrawal transaction.
Fiat If the withdrawal amount does not exceed 2 million baht
within 24 hours of the customer's submitting withdrawal order
If the withdrawal amount exceeds 2 million baht within
24 hours of the completion of the approval and verification process,
8.4 Information Disclosure
In the case that the company sends trading orders to another digital asset exchange that is a partner only with the company, the company will disclose the relationship between the company and that digital asset exchange in terms of affiliation (such as affiliated companies), referral agreements, and kickbacks, which will be announced on the company's website for customer decision-making before starting to use the service.
9. Service Fee
The company announces digital asset trading fee rates and other fees on the website in full. Customers can have a look at it at any time. If there are any changes, the company will notify customers via the website and electronic mail (email address) that customers use to register.
10. Tax
. The customer agrees to acknowledge the taxes including but not limited to VAT, withholding tax, taxes on profits generated from trading digital assets, taxes that may occur in the future such as taxes that have been collected retroactively and any other taxes related to the customer or customer transactions. Customers must be responsible by themselves. The Company is only a facilitator to provide information or documents (if any) for the tax payment by customers to the Revenue Department or other relevant government agencies to be convenient, accurate, and complete.
11. Liability for damage
The company will not be responsible for any damages in this case.
11.1 The actions of the customer are understandable or understandable to be done by the customer themselves, including but not limited to accessing the company's services, including:
(1) Incorrect account number or other information for the account to which funds will be transferred (or from the account from which funds will be withdrawn) according to the customer's instructions.
(2) Providing incorrect cryptocurrency addresses or information for cryptocurrency transfers or withdrawals (including depositing cryptocurrency with customers)
(3) Sending unacceptable cryptocurrencies or tokens to customer accounts
11.2 Force majeure events that cannot be controlled, such as natural disasters, protests, terrorism, and the occurrence of war, whether within or outside the country, include cyber warfare, defects or damage to electrical or telecommunications systems, laws or various rules that will be established in the future, etc.
11.3 Any other event, direct or indirect, that is beyond the reasonable control of the company's business operations, unless the damage to customers is proven to be from the company, directors, executives, or personnel not conducting business or not performing their duties properly, according to the announcement of the SEC Office No. Kor.Thor 19/2561 subject: rules, conditions, and methods for conducting digital asset business and other related announcements, including various announcements from government agencies that oversee the company's business operations.
12. Prevention of money laundering
The company is under Anti-Money Laundering Act and the Anti-Money Laundering Act and the Anti-Terrorism Financing and Proliferation of Weapons of Mass Destruction Act in order to ensure that the Company's operations are in accordance with the aforementioned Acts. Therefore, customers are required to do the following:
12.1 The customer acknowledges and agrees to provide sufficient information and related documents, or additional requests later as determined by the company so that the company can consider that the customer is the same person as the evidence presented and examined to know the customer's facts correctly, including the actual reasons for the transaction.
12.2 The customer must not be involved with or be the person who invites or supports other people, whether directly or indirectly; all or only some of the transactions may be considered violations of the Act mentioned above.
12.3 If the customer knows or finds that other customers or persons related to the company are involved in violating the above Act, the customer must notify the company immediately.
13. Suspension or refusal of transactions
13.1 The company has the right to refuse to establish a relationship (open an account), temporarily suspend, limit, or terminate access to all or part of the service, and/or close or cancel the customer's user account in various cases, such as:
13.1.1 The customer has behavior that affects their rights and freedoms or is threatened or intimidated, whether it happens to the company, employees, partners, other customers, or any person who has a relationship with the company.
13.1.2 There is use of an account that may be considered to be in violation of the rules and regulations, company regulations, or government agencies that regulate the company, or transactions that may be considered illegal.
13.1.3 The customer violates any policy or order that the company notifies the customer of from time to time.
13.1.4 The Customer does not comply with this Agreement or any future changes to which the Customer has accepted.
13.2 If the company temporarily suspends or closes the customer's user account or terminates the use of the company's services for any reason, the company will notify the customer of such action unless there is a court order or legal process prohibiting the company from notifying the customer. The customer acknowledges that the company's decision to take any specified action may be made under confidentiality rules. This is necessary for risk management and other company security policies. The company has agreed not to disclose details of its risk management and security procedures to customers.
13.3 If the company temporarily suspends or closes the customer's user account or terminates your use of the company's services for any reason, (This is in accordance with this agreement.) the company reserves the right to require the customer to go through an identity verification process before the customer can transfer or withdraw any digital assets or legal currency from the Digital Asset Wallet or Baht Wallet.
13.4 The customer may terminate the customer's account at any time by submitting the request to the company and withdrawing the entire amount of both Thai Baht and digital assets. The customer will not be charged any fees for terminating the account, However, the customer will not be released from any liability or responsibility for paying any outstanding payments to the company (if any). After the termination process is completed, the customer cannot open an account with the company again.
13.5 The Customer authorizes the Company to cancel and suspend any transactions in progress while providing notice of termination of the Customer's User Account.
14. Accepting complaints
14.1 The company have informed the customer of the complaint channel via the company website. However, the customer is required to give the company personal data and important facts for the company to resolve the complaint. The company reserves the right to request more information or documents from the customer. The company will ensure that all information obtained during this procedure is kept confidential and is not disclosed to any irrelevant individuals. The processing of data throughout this process will adhere to the company's privacy policy.
14.2 The company will find a resolution to the complaint and report the results to the complainant and the office of the SEC without delay. However, if the resolution that the company has determined is not satisfactory to the complainant, complainants can file a complaint with the SEC, which is another company regulatory agency. The company will provide channels for filing complaints with the SEC on the company's website as well.
15. Other agreements
15.1 Notice
15.1.1 All letters or any documents that the company sends to customers, regardless of whether they are sent through just one channel, include addresses listed in household registration. Current address, work address, electronic mail address (email address) or other addresses that the customer has provided information to the company. The customer agrees that he has received the document completely and correctly without raising objections or denying receipt of such documents.
15.1.2 If this agreement is drawn up in a language other than Thai, if there is any dispute between the language translations, the Thai version of this agreement will be final and have effect according to the laws of Thailand.
15.2 Additional amendments
15.2.1 The Company may, at its sole discretion and without prior notice, amend or modify this agreement. The company will take into account the interests of its customers and will publish the amendments through the company's website. Such changes will become effective upon acceptance by the customer, and the customer agrees to strictly abide by the conditions set by the company.
15.2.2 If the customer does not agree and consent to any amendments, the customer has the right to cancel the use of the company's services and close the user account.
15.2.3 The customer agrees that the company will not be liable to the customer or any third party for any temporarily suspend, limit, or terminate access to all or part of the service, and/or close or cancel the customer's user account, as a result of the customer committing anything that violates this agreement.
In this regard, this service agreement is determined to be effective from 27 February 2024.
Last updated: January 02, 2024
PRIVACY POLICY
The company recognizes the importance of collecting, using, and/or disclosing ("processing") your personal information when accessing or using our services. Therefore, we have established this privacy policy to inform you of the purposes and details of how we collect, use, and disclose your personal information. The company will take strict measures to ensure security and prevent unauthorized use of your information. Visitors can browse the company's website for information about digital assets, other services, check service rates, and retrieve relevant company information without providing any personal information unless they wish to register for our services.
Purpose of Data Collection
Information related to customers or any individuals will only be used for lawful purposes in conducting the company's operations. Customer data will not be processed unless the company has communicated its intended purpose. The company will only collect as much personal data as necessary, either directly from you when registering on our website or from other reliable sources, in a lawful and appropriate manner.
The company will only collect, use, and/or disclose your personal information as necessary under the company's lawful purposes. This includes collecting, using, and/or disclosing personal information for contract performance where you are a party, complying with legal obligations, for legitimate interests, based on your consent, and/or other legal bases. The purposes of collecting, using, and/or disclosing personal information according to this policy are as follows:
Purposes Relying on Consent
In the event that you have provided your consent to our company for the collection, use, and/or disclosure of your personal information, we will process your personal data for the following purposes:
1. Collection, use, and/or disclosure of sensitive personal data that the company cannot rely on other legal bases, other than explicitly seeking consent. The purposes include:
(1) Information related to religion and ethnicity (Such information is derived from copies of identification cards or copies of passports from certain countries that the company must use solely for verification and identity confirmation purposes).
(2) Biometric data for signature verification, personal identification, and the company's electronic Know Your Customer (e-KYC) services.
2. Marketing activities, product offers, and/or service promotions, exclusive rights to participate in events organized by the company or its business partners, including receiving news, useful suggestions, and suitable promotions. It also involves the use of data for analysis, research, and/or statistical compilation, as well as the development and enhancement of the company's products and/or services. If you do not provide consent in this regard, you might miss out on news updates and benefits you could have otherwise received.
For purposes based on legal grounds other than consent
The company will collect, use, and/or disclose your personal data according to legal provisions necessary for the company's lawful objectives. This could be for contract execution where you are a party, meeting legal obligations, deriving lawful benefits, and/or actions under alternative legal bases. The data processing purposes might include:
- Verifying information/document accuracy, identity authentication, such as through the "Know-Your-Customer" (KYC) and customer due diligence (CDD) processes, cross-referencing the Sanction List mandated by law enforcement or public organizations, checking for property confiscation or bankruptcy, and assessing customer risk.
- Offering advice, recommendations, and/or related product and/or service information, as well as customer engagement for convenient service and/or product application.
- Executing orders to fulfill the customer's transactional objectives, such as depositing, withdrawing, transferring, exchanging assets, verifying, confirming, and updating transaction records.
- Addressing complaints, resolving issues, and processing to customer requests.
- Conducting marketing initiatives not requiring your legal consent, such as showcasing products /services and/or highlighting special privileges, relaying your entitlements, engaging when service registration has not yet been completed, assisting in the registration of similar services, evaluating customer groups for event invitations, or tailoring sales promotions.
- The company's other activities such as analysis, research, market research, compiling statistical data, financial data analysis, and/or preparing reports for internal use. This also includes management, risk management, internal company audits, upholding lawful interests, establishing customer databases, and storing data in systems or databases. It also covers any other objectives that the company can lawfully undertake.
Personal Data to be Collected
The company collects your personal data directly from you or from other sources as specified by law to align with the company's legal basis mentioned earlier. The personal data that the company collects may include:
- General personal information, such as name-surname, address, contact channels, date of birth, nationality, country of residence, KYC and CDD details, shareholding proportions, and/or data from documents or other information to verify occupation, income, or business operations. Financial data and transactions, such as transaction history including purchases, sales, exchanges, transfers, asset account numbers, asset quantities, deposit amounts, and transaction channels, etc.
- Technical information or tools, like computer identification numbers (such as IP or MAC addresses), device identification codes (Device ID), logs, and other technical data from platform and operating system usage, etc.
- Other information, for example, records of communication or interactions between you and the company, complaints, or requests for various rights submitted by customers to the company.
Data Disclosure
The company will not allow the disclosure of any information, except to employees who have been granted permission, or to other individuals who have been authorized by the customer to access the data for performing tasks as prescribed by law. The company also prevents unauthorized use of customer information. However, the company may disclose your information based on its legal foundation to individuals or entities as follows:
- Partners, company representatives, subcontractors, or external service providers to conduct business on behalf of the company or to support the provision of the company’s products and/or services as specified by law. This includes legal enforcement agencies, regulatory bodies overseeing the company, and consultants/experts such as auditors and external inspectors.
- Other authorized individuals involved in maintaining, repairing, modifying, or upgrading the company's transaction systems. The company ensures confidentiality agreements are in place, binding them to the applicable laws.
- With your consent, the company may disclose information to any individual or entity to achieve the objectives that have been communicated to you.
- Other third parties, such as individuals with whom you have a contractual or transactional relationship, users of the company's e-KYC services, etc.
Use of Cookies and/or Similar Technologies
The company may collect and use cookies and/or other similar technologies when you access and use the company's website and/or applications, including conducting transactions, using products, and/or services of the company through digital channels and the internet network. To learn more about the collection and use of cookies or other similar technologies, you can refer to the company's "Cookies Policy" at www.waanx.com.
Data Retention
The company will collect and store personal data for a period that can be reasonably expected based on standard data collection practices. Personal data is retained either for the period mandated by law, throughout the duration required by a contract, or any other legally justified basis. Once the retention period for the personal data expires, the company will immediately delete or destroy said data.
Details on Transferring or Sending Personal Data Abroad
The company may transfer your personal data to foreign countries at your request or in order to fulfill the company's legitimate objectives. The company will send or transfer personal data to destination countries or international organizations that maintain adequate personal data protection standards. Alternatively, data may be transferred abroad under other conditions as prescribed by law. The company ensures that appropriate measures are in place to safeguard your rights as the data owner, including effective legal remedies.
Your Rights under the Personal Data Protection Act, B.E. 2562 (2019)
The Personal Data Protection Act, B.E. 2562 (2019) defines various rights of personal data owners. These rights will come into effect once the provisions of the law regarding these rights are enforced. The details of these rights include:
1) Right to Access Personal Data: You have the right to access, obtain copies, and request the disclosure of the origins of your personal data stored by the company without your consent. This is unless the company has the right to refuse your request based on legal reasons, court orders, or in cases where exercising your rights may adversely affect the rights and freedoms of others.
2) Right to request the correction of personal information to ensure it is accurate, complete, and up-to-date: If you find that your personal information is incorrect, incomplete, or outdated, you have the right to request a correction to make it accurate, current, complete, and to prevent misunderstandings.
3) Right to Erase or Destroy Personal Data: You have the right to request the company to erase or destroy your personal data or to make your personal data unidentifiable in the future. This right to erase or destroy personal data is subject to conditions as stipulated by the law.
4) Right to request a suspension of the use of personal information: You have the right to request a suspension of the use of your personal information under the following circumstances:
a) During the period the company is reviewing your request to correct personal information to ensure it is accurate, complete, and up-to-date.
b) When the personal information has been collected, used, or disclosed unlawfully.
c) When the retention of the personal data of the data subject is no longer necessary according to the purposes informed by the company during its collection, but the data subject wishes the company to retain that data for the exercise of legal rights.
d) During the period the company is verifying the lawful grounds for collecting the personal information or checking the necessity of collecting, using, or disclosing personal information for public benefit, resulting from the data subject's objection to the collection, use, or disclosure of personal data.
5) Right to object to the processing of personal information: You have the right to object to the collection, use, or disclosure of your personal information.
6) Right to withdraw consent: In the event that you have given your consent to the company for the collection, use, or disclosure of your personal information, you have the right to withdraw that consent at any time throughout the period your personal information is retained by the company, unless there are legal limitations which necessitate the company to continue holding the data.
7) Right to access, transfer, or transmit personal information: You have the right to request your personal data from the company in a format that is generally readable or usable by automated devices, and to use or disclose personal information automatically. You may also request the company to send or transfer such data to another data controller, provided that this right is exercised under the conditions defined by law.
You, as the owner of personal data, have the above rights subject to conditions and exceptions as set forth by the law. Specifically, in cases where the collection, use, or disclosure of your personal data is carried out to fulfill legal obligations of the company, your rights may in some instances be limited by the law.
You can submit a request to exercise your rights to the company. The company will consider and respond to your request or deny it, notifying you of the result within 30 days from the day the company receives a complete request document as defined by the company's conditions.
In cases where the company has an unavoidable necessity that requires more than 30 days to consider your rights request, the company will promptly notify you of the reasons for such delay. If the company decides to deny your rights request, the company will inform you of the denial along with its reasons. Should you have doubts about the denial, you can inquire with the company.
Contact for Inquiries or Exercising Rights
If you have any questions, suggestions, or concerns about the company's collection, use, and disclosure of personal data, or about this policy, or if you wish to exercise your rights under the personal data protection law, you can contact:
Data Protection Officer
- Contact: Data Protection Officer
- Address: 1758/4 Sukhumvit Road, Phra Khanong Tai Sub-district, Phra Khanong District, Bangkok 10260
- Contact channels: Email: dpo@waanx.com
Amendments and Changes to the Personal Data Protection Policy
The company may occasionally modify this privacy policy to align with any changes related to the processing of your personal data and to comply with any updates in the personal data protection laws or other relevant regulations. The company will inform you of any significant modifications by disclosing them on our website or through other appropriate channels, such as sending them to your email address.
This personal data protection policy is effective from the date: 2nd January, 2024.
