Privacy Policy

13.03.2024

Privacy Policy
This website https://catchphangan.com/ (“Website”) is made available to you by 154/2 Moo1 Thong Sala, Ko Pha-ngan District, Surat Thani, 84280, Thailand, MAKYOU CO.,LTD (restaurant Catch) hereinafter referred to as “Catch,” “we” or “us.”. This Privacy Policy aims to inform you about how we will use your personal data you provide to us through this Website, in connection with bookings, your stay at Catch as well as personal data provided and/or collected by us through other channels. We also inform you about your rights under applicable data protection law with respect to the handling of your Personal Data by us. Before providing us with Personal Data we recommend that you read this Privacy Policy which also forms part of our Terms and Conditions that govern our restaurant services.

1.What is Personal Data?
For the purposes of this Privacy Policy, “Personal Data” means any information that allows you to be identified personally, either directly (e.g. your name) or indirectly (e.g. telephone number) as an individual person.
We may collect your Personal Data provided by you when interacting with us when, for example; navigating through our Website, calling us or staying at our restaurant. We may also collect personal data about you in other instances which relate to your stay at Catch.

2.When does the Personal Data have been stored and processed? And for what reason?
2.1. Use of the Website
Whenever you navigate our Website, data about you is collected and processed. We collect the following data:

Information related to the browser or device you use to access our website
IP address
Country you are browsing from
Browsing behavior of the information within the website

The data is collected through the session cookies that we use on our Website. Session cookies allow you to be recognized within a website, any activities you do are remembered by session cookies. You can adjust your session cookies through the setting feature of your browser.
We may use your Personal Data to improve website performance, create marketing plan including analyze data usage.
2.2. Interacting with us
Every time you interact with us (e.g. booking a table through our Website, by phone or through a third-party provider, or signing up for our newsletter) we may collect and process the Personal Data you provide to us.
a. Booking a table
When you book a table, we collect Personal Data, which includes the following but not limited to:

Your selected dates
Number of people in the reservation (adults and children)
Age of children
The rate/special offer selected
Any add-on packages selected
Your full name
Your address, including city and country
Your email address, and
Your credit card details

We use this Personal Data to handle your reservation and to provide services you request. This includes verifying your identity, taking guarantee and/or payment information, and sending stay-related and/or marketing communication.
b. Newsletter and special offers
If you provide your contact information to us (e.g. when booking a service with us or when signing up for our newsletter via our Website), we may use this Personal Data to send you our newsletters and details of other special offers which may be of interest to you, based on previous interactions with us.
If you sign up for our newsletter via our Website, you are required to provide your name, last name, and email address. Any additional information is voluntary and will be used solely for a personalization of the newsletter.
By providing your email address, you consent to receive our newsletter. You can revoke your consent and opt-out of receiving the newsletter at any time by clicking on the unsubscribe link included in every newsletter. For any further objections, kindly address the contact stated at the end of this policy.
c. “Contact us and Talk to us” functionality
You can get in contact with us via our Website by using the “Contact us and Talk to us” functionality, or by telephone. To contact us you are required to provide the following information:

Your full name
Your email address
Your telephone number
Your inquiry

We use your provided information to reply to your inquiry.
2.3. Processing of Personal Data to personalize your stay at Catch
We may collect and process Personal Data about you, if it is relevant for your stay at Catch or if it is in your interest. We may collect and process certain additional data to personalize your stay upon your express request and consent.
Providing you the best experience for your stay at our restaurant, we may send you emails before and after your stay requesting for your guest profiles, your special events (e.g. birthday or anniversary). This is an optional service; you may choose not to provide us the above information.
The Personal Data we collect is limited to information we have gained from you personally or by restaurant personnel during your stay at the restaurant and to information which is relevant for the stay at a Catch. We do not undertake any additional research on you in this case, in particular; no research on social media or the internet.
You may withdraw your consent at any time for the future by contacting us under the details of the contact.

3. Sharing Personal Data
Your Personal Data may be shared:

Within Catch, including our staff and personnel, to establish and fulfill our contract with you or to the extent you consented to such sharing of data, for example. This includes verifying your identity, taking payments getting in contact and communicating with you.
With our commercial partners in the event that you book an event or an activity organized by such commercial partners.
With our third-party service providers who process your data on our behalf.
With local authorities, in case it is required by laws or as a part of an inquiry in accordance with local regulations

We will not transfer your personal data to third-party recipients unless you consent to such transfer of data or such transfer is permitted under applicable law.

4. Cookies
We use cookies on our Website. Cookies are small text files sent by a web server to your web browser and saved locally on your computer. The cookie allows the server to uniquely identify the browser on each page. Cookies do not cause any harm to your computer and do not contain viruses.
We use the following categories of cookies on our Website:

a.    On the website, other than the necessary cookies:
·      Google Analytics (Analytics cookies)
·      Google Ads (Advertising cookies)

b.    On the booking engine:
·      Google Analytics (Analytics cookies)
·      Google Ads (Advertising cookies)
·      Floodlight (Advertising cookies)

5. Your Rights
In respect of the collection and use of your personal data, you may:

withdraw your consent at any time
ask us whether we process Personal Data about you, for which purposes, the categories of Personal Data concerned, to which categories of recipients the information has been disclosed, where possible, the envisaged period for which the personal data will be stored (or, if not possible, the criteria used to determine that period),
inquire with us about the appropriate safeguards relating to the transfer to a third party,
ask us for a copy of the Personal Data undergoing processing and ask to receive your Personal Data. We guarantee that no unauthorized persons are able to have access either to your profile or to your reservations,
have inaccurate data rectified,
object against the further processing and request erasure of your Personal Data,
request that the processing of your personal data is restricted by Catch,
request not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

If you have any further questions on your personal data which has been stored with us or would like to exercise your rights, please refer to our Data Protection Manager via the contact details stated below.

6. Retention and deletion of Personal Data
We will retain your personal data only for a limited period of time needed to fulfill the purposes of processing mentioned above. After that time your personal data will be erased. If we process your personal data based on your consent, we will retain your personal data for a limited period of time needed to fulfill the purposes of processing it.
Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data so that we can respect your request in the future.

7. Updates
This Privacy Policy may be updated periodically. We will update the date at the top of its first page accordingly and encourage you to check for changes that we have made, which will be available at https://catchphangan.com/privacy-policy. On some occasions, we may also actively advise you of specific data handling activities or significant changes to this Privacy Policy, as required by applicable law.

8. Liability
You guarantee that you have informed any third parties whose data you are providing, if you have done so, of the points covered in this privacy statement. In addition, you guarantee that their authorization has been obtained to provide their data to us for the indicated purposes.
You will be liable for any false or inaccurate information provided, and for direct or indirect damage caused to us or to third parties.

9. Who is the contact person for questions and/or problems relating to the data protection?
Please contact our team at catchphangan@gmail.com.

Privacy Policy on CCTV Use
1. This Privacy Policy (“Policy”) on the use of closed-circuit television (“CCTV”) devices describes how MAKYOU CO.,LTD (restaurant Catch), and its affiliates (referred to as “Company”, “Catch”, "we", "us", or "our") use CCTV devices and its system for monitoring our specific space within and around our premises, buildings and facilities for protecting life, health, and property, of personal data of all employees, directors, contractors, workers, visitors, or any individuals entering the monitored space within our buildings and facilities (collectively referred to as "you" or "your"). This Policy also describes how we collect, use, disclose and transfer of individually identifiable information ("Personal Data") about you and set out how the CCTV and its system will be managed and used by us. We may amend this policy at any time and will notify you of the amendments, where possible.

2. Why we collect, use, and disclose your Personal Data
2.1 We may collect, capture, use, disclose, transfer, and carry out any operation, including but not limited to recording, holding, adapting, altering, modifying, destroying, deleting, retrieving, combining, copying, transmitting, storing, extracting, amending, adding, in relation to your CCTV Data and other Personal Data concerning you, for the "CCTV Monitoring Purposes" as listed below, on the legal basis of legitimate interests; vital interest; legal compliance; public interest; consent; or any other basis as permitted by applicable laws (provided that those interests are not overridden by individuals’ rights and interests), as the case may be:

to protect your life, body, health personal safety, and/or your belongings;
to control access to the building and to ensure the security of the building, the safety of our personnel, employees and visitors, as well as our property and information located or stored on the premises.
to protect/prevent our premises, buildings, facilities and assets from damage, disruption, vandalism and other crime;
to assist in the effective resolution of disputes which arise in the course of disciplinary or grievance proceedings; • to assist in the investigation or proceedings concerning a whistleblowing complaint;
to assist in the establishment or defence of any civil litigation, including but not limited to employment proceedings;
to comply with our legal obligations and/or cooperate with the court, regulators, government authority and law enforcement bodies for the exercising of such official authority vested in us including but not limited to safety, occupational and workplace environment laws. We consider that the use of CCTV is a necessary measure to enable us to meet those obligations; and
to exercise our rights or protect our legitimate interest where it is necessary to do so, for example, to deter, prevent, and detect misconduct, crime or violations of law; to follow up on incidents; to prevent and report misconduct or crime in our stores and to protect the security and integrity of our business. We will endeavour on a continuing basis to balance between our legitimate interest and that of any relevant third parties, as the case may be, and your fundamental rights and freedom in relation to the protection of the CCTV Data concerning you. We will also endeavour to identify any steps required to achieve the right balance as appropriate.

2.2 We will install CCTV devices at strategic points within our premises, buildings and facilities, except in certain areas such as changing rooms, toilets, and shower rooms.
2.3 Our CCTV devices are in operation 24 hours a day and they will be monitored by our security staff, except in case of device/system failure and/or maintenance.

3. To whom we disclose your Personal Data
3.1 We will keep CCTV Data concerning you confidential, and will not disclose or transfer it except to our subsidiaries, affiliates, and other carefully selected third parties now or in the future, licensees, joint venture partners and/or service providers, [who may be located overseas,] to achieve the CCTV Monitoring Purposes provided in this Policy.
3.2 Third parties to which we may disclose CCTV Data and other Personal Data concerning you include our affiliates (as part of our legitimate interest and our affiliates' interest to achieve the CCTV Monitoring Purposes), governmental and/or regulatory organizations (to comply with legal obligations or to support or assist law enforcement organizations with regard to investigation and prosecution of civil or criminal proceedings), and third-party service providers (as our necessary steps to ensure our protection of your health and personal safety, and belongings). However, the access to CCTV Data may only be accessed or disclosed to the extent necessary in order to deal with an incident which falls within one of the objectives identified in Clause 3.2 or in order to respond to a request made by an individual under the law under Clause 2.1.

4. Transfer your Personal Data internationally
We may disclose or transfer your CCTV Data as part of necessary steps to ensure your health, personal safety, and belongings, to [third-party service providers] that are outside of Thailand, and such disclosure or transfer may only be done by obtaining your consent or there are any other compelling legitimate grounds (e.g. to perform the contract terms between us and other persons for your benefit) as permitted by applicable laws. Such destination countries may or may not have the same data protection standard similar to Thailand, however, we will ensure that the data transfer requirement under applicable data protection law which is in effect at that time is met before such transfer.

5. Security measures
5.1 We use reasonable organizational, technical and administrative security measures to protect CCTV Data and Personal Data concerning you from accidental, unlawful, or unauthorized destruction, loss, access, use, alteration, or disclosure.
5.2 We will from time to time review and update our security measures as necessary or upon the development of the concerning technology to ensure effective and appropriate security measures, and in line with minimum legal requirements as prescribed by the relevant governmental organizations.

6. How long do we retain your Personal Data
We will retain your CCTV Data in our system for the period necessary to fulfil the CCTV Monitoring Purposes for which we obtained them. When we are no longer permitted by the applicable laws to store your CCTV Data, we will remove it from our systems and records. However, we may retain your CCTV Data for a longer duration, such as until the end of legal action or if required by the applicable laws or specific CCTV Data are required to be retained in order to deal with an incident or in order to respond to a request by an individual made under the law.

7. What are your rights with regard to your Personal Data
Subject to the conditions and exceptions under the applicable laws, you may have the rights to access and/or obtain a copy of, port, rectify, delete, destroy or anonymize certain CCTV Data that we have about you, restrict and/or object to certain activities, in which we engage with respect to your personal data.

8. Who is the contact person for questions and/or problems relating to the data protection?
Please contact our team at catchphangan@gmail.com

Privacy Policy on Events
This Customer Privacy Policy (this “Privacy Policy”) describes how MAKYOU CO.,LTD (restaurant Catch) (referred to as “Company”, “Catch”, “we”, “our” or “us”) collect, use, and disclose your personal data in relation to your attendance of our event.

1. What Personal Data we collect
We will collect or obtain the following types of information directly from you which may include the following Personal Data:

Contact Data: such as name, address, telephone number, mobile number, email address and national identification number;
Identification Data: such as gender, nationality, date of birth, occupation, education, marital status, identification card number, passport number, driving license number or similar identifier and signature;
Interest: such as data which identify your interests;
Marketing and Communications Data: such as how you heard about us and your preferences in receiving marketing from us and/or our affiliates and business partners and your communication preferences;
Financial Data: such as bank account, payment details and records, and debit/credit card details;
Sales and Services Data: such as purchases or orders made by you, delivery details, complaints and claims, attendance to trade exhibitions and customer satisfaction surveys; and/or
Other Data: such as LINE ID, Facebook ID, Google ID, CCTV, video footage, photograph, photo and voice records, taken at our premises or other places we hold relevant events, exhibitions and tradeshows.

2. Why we collect, use, and disclose your Personal Data
We collect, use, and disclose your Personal Data for the following purposes:

to process event registration;
to manage tickets for events such as managing booking communications and promotions;
to contact you with marketing communications and offers relating to our products and services;
to manage and improve our relationship with you (such as customer satisfaction survey and customer relationship management marketing) and to improve future events;
to promote, market and report on events, exhibitions or tradeshows that you attended or will attend;
to identify you and respond to your requests;
to protect the security and integrity of our business;
to improve and assure our service quality;
to meet our contractual obligations with you under any agreement we have with you or to take any necessary steps before entering into such agreement;
to comply with our legal obligations and/or cooperate with court, regulators, government authority and law enforcement bodies for the exercising of such official authority vested in us;
to exercise our rights or protect our legitimate interest where it is necessary to do so, for example, to detect, prevent and respond to fraud claims, intellectual property infringement claims or violations of law; and/or
to prevent or suppress a danger to your life, body or health.

Where we need to collect, use, and disclose your Personal Data as required by law, or for the performance of a contract with you and you fail to provide that Personal Data to us, we may not be able to serve you our full range of services or perform the contract we have or are trying to enter into with you (for example, to provide you with our goods or services).

3. How long do we retain your Personal Data
We retain your Personal Data for as long as it is reasonably necessary to fulfil the purpose for which we obtained them. However, we may retain your Personal Data for a longer duration, if required by applicable law.

4. To whom do we disclose your Personal Data
We may disclose your Personal Data to members of our group companies, our affiliates, our subsidiaries, our business partners, service providers, legal advisors, auditors, courts, regulators, government authorities and law enforcement bodies.

5. Transferring your Personal Data internationally
Your Personal Data may be transferred to countries outside Thailand, which may or may not have the same data protection standard similar to Thailand. However, we will ensure that the data transfer requirement under applicable law is met before such transfer.

6. What are your rights with regard to your Personal Data
Subject to the conditions and exceptions under the applicable laws, you may have the rights to access and/or obtain a copy of, port, rectify, delete, destroy or anonymize certain Personal Data that we have about you, restrict and/or object to certain activities, in which we engage with respect to your Personal Data. If we process your Personal Data based on your consent, you may withdraw your consent, but we may not be able to provide you with our full range of services.
7. Who is the contact person for questions and/or problems relating to the data protection?
Please contact our team at catchphangan@gmail.com