PERSONAL INFORMATION COLLECTION
What We Collect
What personal information we collect from you (“discloser”) depends on your relationship with us at the time of collection, i.e. insured, claimant, or prospect, as well as your request. The types of data we collect may be in many forms such as texts, image, and videos.
The information of which may include the following:
Personal Details
This may include name, date of birth, age, gender, marital status, and occupation.
Contact Information
This may include address, phone number, mobile number, email address, and Facebook ID.
Financial Information
This may include bank account number, credit history, and other financial details.
Other Information
Identification of vehicle, driving history, other insurance policies held by you, the purpose of vehicle usage and other information you have given to us.
How We Collect
Your personal information will be collected and stored, directly or indirectly, when: (a) you enter our Website; (b) you disclose to us; (c) any persons related to you or appointed by you (including but not limited to your spouse or family member, a person whose name is under the same policy as yours, and any other persons under the purpose of validation of application, claim, and compensation) discloses to us, and (d) relevant third parties (including but not limited to insurers, financial institutions, regulatory bodies e.g. Office of Insurance Commission (OIC), Revenue Department (RD), Anti-Money Laundering Office (AMOL), and other reliable sources e.g. Thai General Insurance Association (TGIA)). In the case of (c), when the information concerning about other persons (“data subject”) than the discloser is given to us, it is the sole responsibility of the discloser to ask for a consent from and notify the data subject of the disclosure of his/her personal information and the terms and conditions of this Privacy Policy.
Why We Collect and How We Use and Secure
Your personal information may be collected and used for the following purposes: (a) to provide you with our services and products which shall include performing our relevant contractual or regulatory obligations; (b) to enhance our existing services and products and develop new services and products; (c) to communicate with you about our existing or up-coming services or products, including but not limited to, terms and conditions, promotion, activities, and advertisement; (d) for Website administration and business operation and (e) to rely on the purpose or obligation which are subjected to us to collect your personal data stipulated by the laws such as insurance law, personal data protection laws and other related law.
For your security, we (a) use both encryption and tokenization technology to safeguard your sensitive information such as credit card number, which can only be accessed by an authorized person; (b) restrict the access of your personal information to only our employees who require such access; (c) prevent unauthorized access by regular update of technology; and (d) delete your personal information when it is no longer necessary for relevant aforementioned purposes.
How Long We Retain
We will retain your personal information as long as it is necessary for the purposes of collection and use, unless required or permitted by applicable law. For most of the cases, your personal information will be retained for five years after the date of termination or cancellation of your policy.
Third Party Access
In order to perform our contractual obligations towards you or our regulatory obligations towards regulators and authorities, your personal information may be disclosed, and/or disseminated to third parties for the relevant mentioned purposes only. These third parties may include insurers, reinsurers, our business partners, financial institutions, regulators e.g. OIC, authorities e.g. RD, other service providers e.g. data storage service providers, call centre service providers, First Notice of Loss service providers, and repair shops.
For our business operation, where our legitimate interest is not less important that the data subject’s fundamental rights, your personal information may be disclosed and/or disseminated to our group companies and third parties such as external auditors, advisors, survey/data analytics service providers, and investors.
In any case, your personal information will not be disclosed and/or disseminated to any other persons other than the cases of the above two paragraphs, without your consent, except for the following cases: (a) providing that it is required by any applicable law; (b) providing that it is necessary for preventing emergencies or protecting others from danger; and (c) for the public interest.
In case where we disclose and/or disseminate your personal information to any third parties, we shall notify the said third parties of its confidential nature and their obligations to restrict the use of such information to any person involved for the permitted purposes as necessary only, and to handle the information appropriately in accordance with this Privacy Policy and the Personal Data Protection Act B.E. 2562 (PDPA).
Cross-border Transfer
In order to provide you our services especially for documentation, your personal information will be stored in other countries. The privacy protection standard of which, might be different from the PDPA or ours. We will take any necessary step to ensure that your personal information is stored and secured appropriately.
YOUR RIGHTS AS A DATA SUBJECT
Subject to the PDPA, by using our Website, receiving our services and/or purchasing our products, you are entitled to the following rights in respect to personal information concerning about you and obtained by us:
Right for Withdrawal
You have the right to withdraw your consent given to us to retain, use or process your personal information, or allow our external service provider to do the same with your personal information.
Right to Access
You have the right to obtain confirmation of whether or not we hold personal information concerning about you, and if so, to obtain confirmation of where your personal information is being processed and/or for what purpose, as well as an electronic copy of such information.
Right to Rectification
In case you find out that the information concerning about you is inaccurate, incomplete, out of date, you have the right to request for rectification of such inaccuracy, incompleteness, and outdatedness.
Right to Portability
Where your personal information concerning about you is being processed via automated means, you have the right to request us to transmit such information to another data controller.
Right to Restrict Processing or be Forgotten
You have the right to request us to suppress or restrict the use or processing of your personal information or to permanently erase your personal information.
The withdrawal of your consent, restriction, suppression, or erasure of your personal information may inhibit our ability to provide you with our services and/or products.
COOKIES INFORMATION
What are Cookies?
Cookies are small pieces of data sent from a website to be stored in your personal devices. They allow the Website to recognize your devices and collect information to adjust the Website content to be in accordance with your preference. We use cookies through third-party service providers to improve your Website experience.
What Cookies do We Use?
We use the following types of cookies:
Strictly Necessary Cookies
These cookies track your Facebook profile identity and use them as references when you post on our Website for earning Roojai rewards after your purchase. The storage duration is one year (persistent).
Statistic Cookies
These cookies track your behaviour of usage in order to know how many times you access certain functions of or your customer journey on our Website. The storage duration is between 1-2 years (persistent).
In some cases we might use both types of cookies through third-party service providers.
Managing Cookies
You can manage, block, and delete cookies on your browsers. You can learn more about cookies and how to manage them from this link: Allaboutcookies.
EXTERNAL LINKS
This Website may contain links to other websites which we cannot ensure your privacy and security. The inclusion of such links does not guarantee that other websites will provide you with the same standard of personal data protection as per this Privacy Policy.
CHANGES TO THE PRIVACY POLICY
We reserve the right to make any change to the Privacy Policy in order to comply with any applicable law. Hence, we encourage you to check the “Updated Date” of the Privacy Policy.
CONTACT US ABOUT YOUR PERSONAL INFORMATION
If you have any query, comments, or recommendations about the Privacy Policy or if you would like to exercise your rights, please submit your query, comments, or recommendations or the PDPA Data Subject Request Form to DPO@roojai.com. The process might take up to 30 days from the date of your submission.
You can download our PDPA Data Subject Request Form from PDPA Data Subject Request Form
iSafeDrive APPLICATION
Roojai Service Co., Ltd (“we”,”us”) respects your privacy and is committed to protecting it through our compliance with this privacy policy ("Policy"). This Policy describes the types of information we may collect from you or that you may provide in our iSafeDrive application ("Mobile Application"), and our practices for collecting, using, maintaining, protecting, and disclosing such information. It also describes the choices available to you regarding our use of your information and how you can access and update it.
By accessing and using the Mobile Application, you acknowledge that you have read, understood, and agree to be bound by the terms of this Policy.
Table of contents
- Understanding Our Mobile Application
- Collection of Personal Information
- How We Use Your Information
- How Long We Retain Your Personal Information
- Third-Party Access
- Cross-Border Transfer
- YOUR RIGHTS AS A DATA SUBJECT
- EXTERNAL LINKS
- CHANGES TO THE PRIVACY POLICY
- CONTACT US ABOUT YOUR PERSONAL INFORMATION
Understanding Our Mobile Application
Mobile Application Overview
Our Mobile Application serves as a tool for gathering driving data, including trip details and driving behaviour of the policy holder, using a policyholder’s smartphone. The data collected ranges from location coordinates (GPS) to accelerometer and gyroscope readings, enabling us to derive insights such as speed, acceleration, braking, and distance travelled.
Purpose
The primary objective of our Mobile Application is to monitor driver behaviour and transmit this data to us for it to be shared with Roojai Insurance PCL (“Insurer”). By analysing this information, the Insurer can assess whether to adjust premiums for drivers demonstrating safe driving behaviours (“App Purpose”). This data is combined with traditional customer information like vehicle type, age, and gender to create a comprehensive dataset for evaluating and pricing the risk profiles of drivers.
System Operations
Our Mobile Application works by connecting your smartphone to your insured car’s Bluetooth system using our Mobile Application. Through this connection, geographic data may be transferred to our third-party service provider for the purpose of analysing the data, including conducting speed comparisons with road limits, to assess your driving behaviour.
System Permissions Requests
To ensure the functionality of our app, we need the following system permissions from you:
- Bluetooth Connection: This permission allows the app to establish and maintain a connection between your mobile phone and your car’s Bluetooth system. It is necessary for the proper functioning of our App Purpose.
- Precise Location: Even when the app is not actively being used, we collect location updates using latitude/longitude coordinates. This helps us to achieve accurate and relevant data for our App Purpose.
Collection of Personal Information
Personal Information Collection
When you engage with our Mobile Application, we may collect certain information from or about you and this information may include information that can be used to identify a specific individual (“Personal Information”), including:
- Account details: Details such as phone, email, passport number, national identification number, etc.
- Device Information: Details about your mobile device, including its model, operating system, unique identifiers, and mobile network information.
- Geolocation Data of Your Location Information: With your consent, precise location and time data may be collected to enable us to determine your driving habits, including speed, acceleration, braking, and other relevant metrics.
- Usage Information: Insights into how you interact with our App, such as features accessed, actions taken, and session durations.
How We Use Your Information
We prioritise transparency and responsible handling of the information we collect. Here is how we utilise and process the data gathered through our Mobile Application:
-
Driving Behaviour Analysis:
We analyse the driving data collected, including trip journeys and driving behaviour, to provide insights into your driving habits. This analysis helps us understand patterns such as speed, acceleration, braking, and cornering.
-
Insurance Assessment:
The primary purpose of collecting driving data is to facilitate insurance assessment of the Insurer. With your consent, your data is shared with the Insurer to evaluate your risk profile accurately. Depending on your driving behaviour, the Insurer may offer discounts or adjust premiums accordingly.
-
Improving App Functionality:
We use the collected data to enhance the functionality and performance of our app. By analysing usage patterns, we can identify areas for improvement and implement updates to optimise user experience.
-
Research and Development:
We may use aggregated and anonymised driving data for research and development purposes. This data helps us identify trends, improve our services, and develop new features to better serve our users.
-
Compliance and Legal Obligations:
We process collected information to ensure compliance with legal and regulatory requirements. This includes adhering to data protection laws and responding to legal requests or investigations.
-
Rewards:
We process collected information to allow user to exchange bonus points earned from safe driving behaviour to Roojai Rewards. By incentivising safe driving practices, we aim to encourage positive behaviour change among our users.
-
Compliance and Legal Obligations:
We process collected information to ensure compliance with legal and regulatory requirements, including responding to legal requests or investigations and adhering to data protection laws and insurance regulations. For further details on insurance law, please refer to the website of the Office of the Insurance Commission (www.oic.or.th).
How Long We Retain Your Personal Information
We will retain your Personal Information as long as it is necessary for the purposes of collection and use, unless required or permitted by applicable law. For most cases, your Personal Information will be retained for five years after the date of termination or cancellation of your policy.
Third-Party Access
In order to fulfil our App Purpose, your Personal Information may be disclosed, and/or disseminated to third parties for the relevant mentioned purposes only. These third parties may include insurers, reinsurers, our business partners, financial institutions, regulators e.g. OIC, authorities e.g. RD, other service providers e.g. data storage service providers.
For our business operation, where our legitimate interest is not less important that the data subject’s fundamental rights, your Personal Information may be disclosed and/or disseminated to our group companies and third parties such as external auditors, advisors, survey/data analytics service providers, and investors.
In any case, your Personal Information will not be disclosed and/or disseminated to any other persons other than the cases of the above two paragraphs, without your consent, except for the following cases: (a) providing that it is required by any applicable law; (b) providing that it is necessary for preventing emergencies or protecting others from danger; and (c) for the public interest.
In case where we disclose and/or disseminate your Personal Information to any third parties, we shall notify the said third parties of its confidential nature and their obligations to restrict the use of such information to any person involved for the permitted purposes as necessary only, and to handle the information appropriately in accordance with this Privacy Policy and the Personal Data Protection Act B.E. 2562 (PDPA).
Cross-Border Transfer
In order to provide our Mobile Application services especially for documentation, your Personal Information will be stored in other countries. The privacy protection standard of which might be different from the PDPA or ours. We will take any necessary step to ensure that your Personal Information is stored and secured appropriately.
YOUR RIGHTS AS A DATA SUBJECT
Subject to the PDPA, by using our Mobile Application, you are entitled to the following rights in respect to Personal Information concerning about you and obtained by us:
-
Right for Withdrawal
You have the right to withdraw your consent given to us to retain, use or process your Personal Information, or allow our external service provider to do the same with your Personal Information.
-
Right to Access
You have the right to obtain confirmation of whether or not we hold Personal Information concerning about you, and if so, to obtain confirmation of where your Personal Information is being processed and/or for what purpose, as well as an electronic copy of such information.
-
Right to Rectification
In case you find out that the information concerning about you is inaccurate, incomplete, out of date, you have the right to request for rectification of such inaccuracy, incompleteness, and outdatedness.
-
Right to Portability
Where the Personal Information concerning you is being processed via automated means, you have the right to request us to transmit such information to another data controller.
-
Right to Restrict Processing or Be Forgotten
You have the right to request us to suppress or restrict the use or processing of your Personal Information or to permanently erase your Personal Information.
The withdrawal of your consent, restriction, suppression, or erasure of your Personal Information may result in the inability to use the Mobile Application entirely.
EXTERNAL LINKS
This Mobile Application may contain links to other websites which we cannot ensure your privacy and security. The inclusion of such links does not guarantee that other websites will provide you with the same standard of personal data protection as per this Privacy Policy.
CHANGES TO THE PRIVACY POLICY
We reserve the right to make any change to the Privacy Policy in order to comply with any applicable law. Hence, we encourage you to check the “Updated Date” of the Privacy Policy.
CONTACT US ABOUT YOUR PERSONAL INFORMATION
If you have any query, comments, or recommendations about the Privacy Policy or if you would like to exercise your rights, please submit your query, comments, or recommendations or the PDPA Data Subject Request Form to DPO@roojai.com. The process might take up to 30 days from the date of your submission.
You can download our PDPA Data Subject Request Form from PDPA Data Subject Request Form
*Updated Date 1st September 2024