SASOM

SASOM Privacy Policy

Updated November 18, 2025

(Effective as of 16 November 2025)

1. Preface

1.1 SASOM (Thailand) Co., Ltd. (“SASOM”, “we”, “our”, or “us”) recognizes the importance of protecting your Personal Data. This Privacy Policy explains how SASOM collects, uses, discloses, stores, and protects your Personal Data when you access or use sasom.co.th, the SASOM mobile application, and any services provided by SASOM (“Services”).

1.2 By registering an account, accessing the SASOM platform, or using any SASOM Services, you acknowledge and agree to this Privacy Policy and consent to the collection, use, and disclosure of your Personal Data in accordance with the Personal Data Protection Act B.E. 2562 (2019) of Thailand (“PDPA”).

1.3 We will retain your Personal Data only for the period required by law and as necessary to fulfill the purposes described in this Privacy Policy.

1.4 If you have questions about this Privacy Policy, please contact support@sasom.co.th.

2. Definitions

For clarity:

  • “Personal Data” means any information relating to an identifiable natural person.

  • “Data Controller” means the person or entity having the authority to make decisions regarding Personal Data collection, use, and disclosure. SASOM is the Data Controller.

  • “Data Processor” means any third party that processes Personal Data on behalf of SASOM.

3. Scope of Collection

3.1 Personal Data We Collect

SASOM collects Personal Data when you:

3.1.1 Register an account.
3.1.2 Login using Facebook, Google, Apple, or other third-party integrations.
3.1.3 Use the Services or interact with the platform.
3.1.4 Provide information to SASOM through forms, chat, emails, or customer support.
3.1.5 Submit shipping details, profile information, or account preferences.
3.1.6 Use third-party services connected to SASOM, including payment gateways and logistics providers.
3.1.7 Participate in surveys, questionnaires, or marketing activities.
3.1.8 Provide Personal Data through any channel.

3.2 Types of Personal Data

SASOM may collect, use, or process the following categories of Personal Data:

3.2.1 Name, surname, title
3.2.2 Address and place of residence
3.2.3 Shipping and billing address
3.2.4 Date of birth
3.2.5 Email
3.2.6 Phone number
3.2.7 Gender
3.2.8 Identification documents (e.g., National ID, Passport) where applicable
3.2.9 Bank account / e-wallet / PayPal information used for payouts
3.2.10 Third-party account information (Facebook, Google, Apple login metadata)
3.2.11 IP address, device identifier, cookie data
3.2.12 Usage data (session duration, browsing history, preferences)
3.2.13 Transaction history
3.2.14 Information voluntarily provided in any format
3.2.15 Feedback, comments, dispute details
3.2.16 Device information (OS, model, hardware identifiers)
3.2.17 Location data, including precise or approximate geolocation collected from your device, for the purpose of facilitating product delivery, messenger services, route planning, verification of delivery location, or other services requiring accurate location identification.

3.3 Sensitive Personal Data
SASOM generally does not collect sensitive personal data such as biometric data, religion, ethnicity, or health data unless required by law or explicit consent.

3.4 Payment Information
Payments are processed through third-party payment processors (e.g., Omise, Stripe, Atome, TrueMoney).
SASOM does not store credit card numbers or CVV details.

3.5 Your Responsibilities
You must ensure that all information provided is accurate, complete, and up to date.

3.6 Withdrawal of Consent
You may withdraw your consent by contacting support@sasom.co.th.
However, withdrawal of consent may affect or prevent SASOM from providing Services.

4. Purpose of Use

SASOM may use your Personal Data for the following purposes:

4.1 Service Operations

4.1.1 Account creation and identity verification
4.1.2 Order processing, matching bids/asks, and transaction completion
4.1.3 Product delivery and logistics coordination
4.1.4 Buyer and seller communication
4.1.5 Payment processing, refunds, payouts

4.2 Platform Improvements

4.2.1 Usage analytics
4.2.2 Service optimization
4.2.3 Personalization (interests, browsing patterns)
4.2.4 Bug detection and troubleshooting

4.3 Customer Engagement

4.3.1 Customer support and dispute handling
4.3.2 Promotions, announcements, notifications
4.3.3 App push notifications, SMS, email communications
4.3.4 Retargeting ads and marketing optimization

4.4 Legal Compliance

4.4.1 Fraud prevention
4.4.2 Compliance with Thai laws
4.4.3 Responding to lawful governmental requests
4.4.4 Enforcement of User Agreement and internal policies

4.5 Business Operations

4.5.1 Internal reporting and statistics
4.5.2 Platform development
4.5.3 Storage as required by accounting, tax, and legal requirements

5. Disclosure of Personal Data

SASOM will not sell your Personal Data.

We may disclose your Personal Data to:

5.1 Logistics Partners
To deliver purchased products (e.g., Kerry, Flash, DHL, J&T, SCG Express, Lalamove).

5.2 Payment Service Providers
For processing payments and payouts (e.g., Omise, Stripe, Atome, TrueMoney, banks).

5.3 Marketing & Analytics Partners
(e.g., Google Analytics, Facebook Ads, TikTok Ads)

5.4 Professional Service Providers
(e.g., auditors, legal advisors, fraud investigation teams)

5.5 Government Agencies
Where required by applicable law or lawful court order.

5.6 Other Disclosures with Consent
We may disclose Personal Data where you have provided explicit consent.

6. Cross-Border Data Transfers

SASOM may transfer Personal Data to third parties located outside Thailand, including cloud providers such as:

  • Amazon Web Services (AWS)

  • Google Cloud

  • Cloudflare

  • Meta Platforms

  • Other service providers based overseas

We will ensure appropriate safeguards such as:

  • Binding Corporate Rules

  • Standard Contractual Clauses

  • PDPA-compliant contractual protections

7. Cookies and Tracking Technologies

7.1 SASOM uses cookies, pixels, SDKs, and similar tracking tools to improve functionality, security, and marketing effectiveness.
7.2 Users may manage cookie preferences through browser settings.
7.3 Disabling cookies may affect certain platform features.

8. Data Retention

8.1 SASOM retains Personal Data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law.

Examples:

  • Transaction records: 10 years (tax & accounting law)

  • User account information: retained until account deletion

  • Marketing data: up to 2 years

  • Device logs: up to 1 year

9. Information Security

9.1 SASOM implements administrative, technical, and physical security measures including but not limited to:

  • Data encryption

  • Secure cloud infrastructure

  • Access controls

  • Monitoring and audit logging

  • Firewall and DDoS protection

9.2 You are responsible for safeguarding your password and account.

10. Your Rights Under PDPA

You may exercise the following rights by contacting support@sasom.co.th:

  • Right to Access

  • Right to Rectification

  • Right to Data Portability

  • Right to Object

  • Right to Restrict Processing

  • Right to Erasure

  • Right to Withdraw Consent

  • Right to Lodge Complaints with PDPC (Thailand)

11. Children’s Data

SASOM does not knowingly collect Personal Data from persons under 18 without parental consent.

12. Data Controller Information

SASOM (Thailand) Co., Ltd.
Email: support@sasom.co.th

If SASOM does not appoint an official Data Protection Officer (DPO), SASOM will designate a Data Protection Contact reachable through the above channels.

13. Changes to This Privacy Policy

SASOM may amend this Privacy Policy from time to time. Changes will be announced through website updates, app notifications, or other communication channels.

14. Contact Us

For all privacy-related inquiries:
Email: support@sasom.co.th

Back to FAQs

Was this article helpful?

Let us know so we can improve our content