Personal Data Protection Policy

Privacy Policy and Consent related to the Personal Data

Gother.com is a website and mobile application providing worldwide online tourism and related services to customers, members, trade partners and the general public. Search Engine Optimization Co., Ltd., “Gother”, “We”, or “Our”, is the owner and operator of the Gother.com website, mobile application and “Gother Cash” loyalty program. We realize the importance of personal data and respect the privacy of every user. This privacy policy will explain the method which we will use to collect, use, disclose and process related to the data which will be able to specify your identity, (”Personal Data”), in relation to the services provided by us via the Gother.com website. We kindly request you to please read the following Privacy Policy to be informed about how we collect, use, and disclose (collectively referred to as "Processing") your Personal Data.

You may browse information and search for various products offered by Gother. In this regard, please be advised that we may collect data related to your website usage, cookies, and IP address. But if you have the intention to use the service or would like to access some information, such as purchases from the website, hotel reservations, flight ticket reservations, car rental, package tours, event tickets and travel insurance purchase you will have to comply with the terms and conditions specified on the website and application of Gother.com and the Privacy Policy.

1. Who the Privacy Policy is applicable to

This Privacy Policy pertains to individuals who are our customers as natural persons or representatives acting on behalf of legal entities (including authorized board members, agents, or authorized representatives) collectively referred to as 'you' or 'customers'. This includes individuals who maintain accounts or consume financial products, services, and other transactions with us (collectively referred to as 'Products'). It also encompasses prospective customers expressing interest in applying for our Products.

2. Data owned by Gother

Data that appears on the Gother.com website that has been prepared by Gother for information purposes only.

All data, including messages and pictures that appear on the Gother.com website and application are protected under copyright law and related intellectual property laws. Illustrations, photographs, computer renderings and other data appearing on the Gother.com website are the property of Gother and/or proprietary to Gother as lawfully licensed by their respective owner. The use of any pictures (photographs, illustrations, computer renderings, etc. in the Gother.com website and application shall be subject to the prior written consent of Gother. The dissemination, reference, duplication, reproduction or editing of any information, whether in part of in full by any means is prohibited without the express written consent of Gother.

3. Data Collection – What Data will be collected?

We only collect personal data that is necessary for the purposes provided in Article 5. The data collected by Gother is as follows:

  1. Personal Data, that is able to identify the person that you have given to Gother for registering or applying to be the member or receiving the service, including notifications for e-mail and/or the newsletter such as, Name-Surname, Address, E-mail, ID Card No., Passport No., Mobile Phone No., Flight No., Login Name and Password, including the search settings in which case we will collect your personal data as follows:
    • When you have filled the information in the platform that we have prepared for filling the information.
    • When you have entered to make the transaction to place the purchasing order for the product or service on the website or the platform, have entered into the contract, have provided documents or any related information with the correspondence between you and us.
    • When you contact our staff, express an opinion, submit a complaint or ask for additional information from us, whether the correspondence channel is through the website, e-mail, phone or social media and
    • When you have sent your Personal Data to us for any other reason.
  2. The information on your computer and your visit to our website will be logged and recorded on your browser automatically, such as:
    • IP address of your computer.
    • The type of your browser.
    • Your webpages accessed prior to entering our website.
    • The web pages that you have visited on the website.
    • The number of the times that you have visited a web page, the products or the information that you have searched for, the visiting time, the date, and other statistical information.
  3. Contact information, voice recording of the conversation between you and Gother for both buying products and services, opinions provided or giving recommendations and the comments. In the case that your personal information provided changes, you agree to notify Gother or to adjust or edit the aforementioned information according to the criteria and the method that is specified in the Gother.com website and application for letting your information be corrected and up to date at all times. You acknowledge that if your information provided isn't correct, this may affect the provision of services by Gother and Gother shall not be liable for any loss or damage incurred to you or any third party resulting from your failure to edit or adjust your information to be up to date and correct.
  4. Sensitive Personal Data, which is data specifically designated by law, will be processed by Gother only upon obtaining clear consent from you or when Gother deems it necessary, as permitted by law. This information may be present on your national identification card (such as religion and/or blood type), biometric data, data obtained from cross-referencing with a list of restricted persons and health-related information.

4. We obtain your personal data from the following sources:

We may obtain your personal data from the following sources:

  1. Directly from you: We collect and process personal data provided directly by you. This includes Personal Data entered on the Gother.com website and application for the consumption of our products or services, data from accompanying documents submitted during product application processes, and personal data generated through the use of our products or services or when interacting with the Gother.com website and application. This may involve the use of cookies, contact information, visitation data, and information from social media, online, or digital platforms, as well as from call centers or other channels.
  2. From customers, primary service providers, agents, external individuals, or business partners: We may collect Personal Data from current or prospective customers through referrals, friend referral programs, or as directed by you. Additionally, we may gather personal data from external individuals when receiving instructions from you, from your accounts with us, or as part of joint marketing promotions or activities with business partners. For minors under 20 years old, we may collect personal data if proper consent is obtained from their legal guardians in accordance with applicable laws. Proof of consent may be requested.
  3. From other sources: We may collect Personal Data from various sources, including, but not limited to, databases, public information sources, online channels, social media, advertising companies, external service providers offering background check services, court judgments, tax authorities, business development agencies, and other relevant government or non-government entities.

5. Purpose of Collecting and Processing Data

Gother collects, uses, discloses or subsequently submits your Personal Data to a third party that includes, but is not limited to, airline service providers, hotels, car rental companies, tour operators, activity service providers, restaurants, shops, transport companies, railway companies, cruise ship companies, amusement parks, telecommunications network service providers, insurance companies, etc., both domestically and overseas. as well as employees, agents, distributors or our distributors for the following purpose:

  1. For the purpose of adjustment of the quality of service and to develop improvement of the Gother.com website to respond to the requirements of the user in the best possible manner, including studying and analyzing the marketing information in order to provide the website services.
  2. To provide the products and the services as you request.
  3. To fulfill your purchase order for goods or services, including payment for the product or other related services.
  4. To attend to the credit card transaction or the payment transaction through other methods.
  5. For contacting and communicating with you by sending the message, e-mail, the mail or other forms or sending the newsletter which some of your Personal Data that may appear on the page of the parcel post that is used for delivery, including for permitting us to gain access to you via other social media.
  6. To inform you in any case of service irregularity such as flight delayed or cancelled
  7. In the case of the following events, you expressly agree to consent for us to process your Personal Data:
  8. (1) For the purpose of direct marketing by means of direct messaging, marketing materials and promotional information related to our goods and services which match the channels of communication which you have provided to us in order to present information relating to new goods and services, discounts or special promotions to you as the user. If you wish not to receive such discounts or special promotions or be contacted by us, you can do so by using the hyperlink appearing in those offers to decline and to inform Gother in relation to general correspondence or email upon request.

    (2) To collect your Sensitive Personal Data in certain cases for the purposes set forth in this Privacy Policy. In addition, we may also collect biometric data for the purpose of personal identification when you enter into transactions with us.

    (3) To disclose your Personal Data to our business partners or third parties for the purpose of marketing and offering products.

    (4) To disclose your Personal Data to our business partners or affiliates as well as external service providers for the purpose of offering special benefits or privileges to you.

  9. In the event of a business transfer, merger, sale, or transfer of all or part of our assets, user information within the system is considered a transferable asset. We will take appropriate steps to ensure that the acquiring company or transferee complies with the conditions specified in this policy.
  10. To disclose information to relevant regulatory authorities as required by law and as necessary for legal processes or court orders or directives from authorized agencies.
  11. To disclose information to protect the rights under the law of Gother, users, and others in situations as described above. The recipients of personal data from Gother may be located in a country with data protection standards that may not be sufficient or differ from the laws applicable in your country. In such cases, we will ensure that the transfer or disclosure of personal data complies with applicable laws and will implement measures to protect Personal Data as deemed necessary and appropriate in line with this Privacy Policy.

6. Grounds for Collection, Use, Disclosure, or Transfer of Personal Data

We collect, use, disclose, or transfer your Personal Data under the following legal grounds:

  1. Performance of a Contract: If you register as a member or use our services on the Gother.com website and application, and if you do not provide necessary Personal Data for membership or service usage, we may not be able to proceed with your registration or provide services.
  2. Legitimate Interests of Gother: We may collect, use, disclose, or transfer your Personal Data when necessary for the legitimate interests of Gother, taking into account your interests and freedoms. We will not collect, use, disclose, or transfer data beyond what you might reasonably expect.
  3. Necessary for the benefit of us or Third Parties
  4. Explicit Consent: In cases other than contractual obligations or legitimate interests, where it is necessary for our legal benefit, and we need to collect, use, disclose, or transfer your Personal Data, we will seek explicit consent from you before proceeding. You may withdraw your consent at any time, subject to applicable laws and regulations. However, withdrawal of consent may affect our ability to process your data for activities related to the products or services we offer. Withdrawal of consent does not affect the processing of personal data for which we have obtained your consent before the withdrawal.

7. Cookies program – What is the policy related to the cookies program?

The cookies program is the database unit that is normally stored on the hard drive of the computer of the user. By this will help the website to be able to, “adjust”, itself to be suitable with each user by remembering the information related to the visiting of the website of the user. Cookies program will be sent in your web browser or on your gadget when you enter to visit the website or access information. This program will help to be able to contact and remember the browser or your gadget. This will help to facilitate your usability. Strictly Necessary Analytics and Preference Cookies are needed to access Gother. These cookies are necessary for the website to function and cannot be switched off in our system. Other cookies can be disabled according to the customer’s preferences.

8. Connectivity to the website of third parties

Gother.com website may gather links or the connection to other websites that are of the third person for the objective in facilitating in entering to visit other websites. Those websites of third persons may gather your personal data. Gother does not participate or have any liability in storing the aforementioned data or preparing the privacy policy of those websites at all. For this reason, we would like to recommend you to check and review the privacy policy of the website of the third party carefully before you use the service of that website further.

9. Disclosure of Your Personal Data

We may disclose your Personal Data to the following parties:

  1. Our affiliated companies both within and outside of Thailand, for the purpose of managing your relationship with us and providing services and/or products to you, fulfilling contractual obligations, and for other purposes specified in this privacy policy.
  2. External service providers, those who provide services to us and/or services related to your rights or various operations under contracts between us and you.
  3. Contractors and representatives those contracted by us and acting as our representatives, bound by agreements to maintain the confidentiality of your personal data.
  4. Main service providers, primary service providers such as payment system providers, benefit administrators, or business process managers to facilitate your account management.
  5. External Legal Consultants in cases involving debt collection, legal proceedings, and protection of our rights, assets, personnel, security, business operations, and our customers.
  6. Internal and external auditors appointed by us to ensure compliance.
  7. Regulatory Authorities and Government Agencies in any country, including but not limited to the Anti-Money Laundering Office, Revenue Department, or Ministry of Commerce, for regulatory, legal proceedings, or case adjudication purposes.
  8. Organizations or entities we join as members.
  9. Our Business partners advertising companies, social media, or other media, for product presentation and/or marketing purposes as detailed in this privacy policy.
  10. Third parties involved in changes of ownership rights in us, or our assets in the event of changes in ownership rights, assets, or any property belonging to us.
  11. Individuals or organizations as required by Law to comply with relevant laws and regulations.

10. Transfer of Your Personal Data to Other Countries

We may transfer your Personal Data to companies within our corporate group, including businesses abroad. In some cases, we may also transfer data to external parties (such as main service providers) located in different countries. Each country may have data protection measures different from those set by the data protection agencies in Thailand. Nevertheless, we prioritize the protection of our customers' personal data and adhere to appropriate data protection standards for the transfer of personal data abroad. We ensure that external service providers receiving your personal data from us comply with suitable data protection standards.

In cases where we need to transfer your Personal Data to companies within our corporate group, we follow secure and compliant data transfer procedures. This includes adherence to our privacy protection policies for the secure and binding transfer of personal data to data controllers or data processors located in different countries within the same corporate group (binding corporate rules). In certain situations, we may be required to transfer your personal data to different countries to fulfill contractual obligations, such as providing services and products to you.

11. Security of Your Personal Data

Gother ensures the implementation of technical and organizational measures appropriate for preventing unauthorized or unlawful processing, accidental loss, alteration, unauthorized disclosure, or access to personal data. All data is securely stored and maintained in accordance with stringent security standards. Additionally, Gother uses Secure Socket Layer (SSL) technology to encrypt credit card information during transmission. Please note that it is impossible to completely eliminate security risks associated with the storage and transfer of Personal Data.

12. Data Retention Period

Gother will collect and retain your Personal Data for the duration required by relevant laws, as necessary for the purposes outlined in Section 5, and based on the legal bases for personal data processing in Section 6. The data retention period is set at 10 (ten) years after the termination of the agreement between us and you or after the last provision of services to you, unless otherwise specified by applicable laws.

In cases where we process your Personal Data in accordance with legal obligations, your Personal Data will be retained for the period specified by the relevant law. If we process your Personal Data based on your consent, as provided to us, we will delete, destroy, or anonymize the data to make it non-identifiable upon the expiration of the specified period or withdrawal of your consent. The retention period will be in compliance with the terms and conditions of the applicable laws.

All data collected and processed by us will be stored on servers located in Thailand and will be operated under this Privacy Policy, adhering to Personal Data protection standards under the laws of the Kingdom of Thailand.

13. Personal Data Subject’s Rights

During the period of collection of the Personal Data, the data subject has the following rights:

  1. To grant or decline to grant consent to us to collect, store, use or disclose Personal Data according to this privacy policy. In any case, you will be able to visit the Gother.com website and/or other websites of Gother for additional information related to the privacy policy of Gother.
  2. Amend the particulars of the consent given or withdrawing consent by contacting us. If consent is withdrawn, we will cease to process your Personal Data that had previously been processed under your consent immediately. For the avoidance of doubt, the withdrawal of consent shall not affect the collection, use or disclosure of Personal Data previously consented to.
  3. To access and obtain a copy of your Personal Data that is under our responsibility or to disclose the source of the Personal Data that has been obtained without your consent.
  4. Object to the collection, use or disclosure of Personal Data in the event that the Personal Data has been collected without your consent, save in the case we have legitimate legal grounds to collect, use or disclose your Personal Data without your consent or in the event that the collection, use or disclosure of your Personal Data is for the purpose of establishing a lawful claim, to comply with the applicable law or to exercise a lawful right or to establish a legal defense.
  5. To request us to delete your Personal Data or render your Personal Data incapable of being able to identify you, in the following cases:
  6. 1. When your Personal Data is no longer required to be stored for the purposes of the collection, use or disclosure of Personal Data pursuant to this Privacy Policy

    2. Upon withdrawal of consent to collect, use or disclose your Personal Data that you have provided us and when we have no legal grounds to collect, use or disclose such Personal Data or

    3. When there is no objection to the collection, use or disclosure of Personal Data pursuant to Article 13.4.

  7. Request us to suspend the use of your Personal Data temporarily in the following cases:
  8. 1. When we are in the process of reviewing your request to correct your Personal Data to be correct, up to date and complete and to prevent any misunderstanding

    2. When the Personal Data has to be deleted or destroyed due to an absence of consent of the data subject’s to collect, use or disclose the Personal Data

    3. When there is no longer any necessity to maintain the Personal Data for the purpose which it was collected pursuant to this Privacy Policy, but you have requested for it to continue to be maintained in order to establish a legitimate legal claim, to comply with or exercise a right of claim under law or to establish a legitimate legal defense and

    4. During the process of seeking proof and review upon an objection to the collection, use or disclosure of Personal Data pursuant to Article 13.4

  9. Request use to amend your personal data to be correct, up to date, complete and to not cause any misunderstanding, in which case we may request that you prove your identity by providing data or submitting a copy of documents that can identify you correctly in order to comply with our security policy and prevent the disclosure of data without consent.
  10. Request for the transfer of your Personal Data that we have collected to another person.
  11. Object to the Processing of your Personal Data based on automated processing.
  12. File a complaint with the Office of the Personal Data Protection Commission in cases where we, as the data controller and processor of your Personal Data, or our employees or contractors, violate or fail to comply with the Personal Data Protection Act of 2019.

14. Links to Third Party Websites

Our website contains links to other websites that are not owned or operated by us (“Third Party Website”). When using the link to access a Third Party Website, you will be subject to the privacy and security protocols of that particular site, which could vary from ours. It is advisable to acquaint yourself with the privacy policy, terms of use and security measures of the linked Third Party Website before disclosing any information on such Third Party Website.

15. Algorithms and Machine Learning

We employ various tools to enhance and develop our services utilizing algorithms and machine learning. These tools include predictive algorithms and generative AI algorithms for content creation. We consider where and how to deploy these tools in line with applicable laws and our Privacy Policy.

16. Contact us

If you have the reason to believe that your Personal Data has been breached or have any question related to this Privacy Policy or wish to withdraw the consent that you have given for collection, using, or disclosing your Personal Data or wish to exercise any right related to the personal data, please kindly contact our Data Protection Officer (DPO) according to the below Email address. We will check your identity before we will approve you to access or change the Personal Data for protection of the safety and your privacy. We will operate to attain the result according to your request urgently within 30 days from the date that we have received the aforementioned request. In the case that we can’t follow your request, we will notify you to know the reason rapidly. Please know that when there is the withdrawal of the consent for collection, using, or disclosing your Personal Data, we may not be able to render the service to you again further and you have to accept that we won’t have to take the responsibility for you for the loss or any damage from or that is related to the way that we can’t render the aforementioned service.

E-mail: dpo@gother.com

17. Restrictions for Minors

We collect, use, or process Personal Data of individuals who are individuals according to the provisions of the Personal Data Protection Act BE 2562 (2019).

18. Privacy Policy Changes

Gother reserves the right to change, modify, or update the Privacy Policy at any time as deemed appropriate without prior notice. Gother will announce any such changes, modifications, or updates on the Gother.com website, and you can check them at any time.

In cases where such changes may affect the purposes for which we collect your Personal Data based on your previous consent, we will inform you of the details of the changes and request your consent again (where required by law) before the changes take effect.

This Privacy Policy is effective as of 21 March 2024 onwards.

Cookies Setting