Privacy Policy
Capture Mart Co., Ltd. (“the Company,” “we,” “us,” “our,” or “Capture Wow”) recognizes the importance of protecting your rights in relation to any information concerning an identified or identifiable natural person (“Personal Data”) arising from your use of our services. We understand that you expect your Personal Data to be protected in accordance with the standards prescribed by applicable Thai personal data protection laws, including with respect to how we collect, use, disclose, and/or transfer your information to a foreign country.
The information you provide to us enables us to offer services that are tailored and appropriate to your specific needs, through our website, our mobile applications, and other platforms related to our services, as well as our affiliated companies. We implement measures to protect Personal Data, including safeguards to prevent your Personal Data from being used without a lawful basis or without having first obtained your consent where required. Our primary service is a platform for photographers to upload and sell photographs.
This Privacy Policy (“Privacy Policy”) applies to our website, mobile applications, social media channels, online communication channels, events, and any other locations where we collect your Personal Data.
Please read this Privacy Policy together with any terms and conditions that relate to the Personal Data we collect and retain about you.
The company reserves the right to amend this privacy policy when it deems necessary, which may or may not be announced in advance. Therefore, please read this privacy policy each time before using the website, mobile applications, social media channels, online communication channels, and activities, as well as when receiving our services. We will inform you if there are any significant changes or updates to the privacy policy.
1. Types of personal data we collect
CaptureWow may collect, maintain, and use the following types of information, which may include your personal information directly or indirectly obtained from you or other sources, or from our affiliates, or our business partners, or communications between us:
1.1 Personal information
includes user account information, username, title, full name, gender, age, blood type, nationality, date of birth, information displayed on cards issued by government agencies (such as national ID number, passport number, driver's license information, government employee ID, or any other document that identifies a person in a similar manner), photographs, images from video recordings, and other physical information.
1.2 Biometric Data
refers to personal information generated from the use of techniques or technologies related to physical characteristics or behavioral traits of individuals, such as fingerprints, irises or retina patterns, facial features, and voice.
(For the specific policy and limitations on face data processing, please see Section 2 – Specific Policy for Face Data Management below.)
1.3 Contact information
Including postal address, delivery address and related details, telephone number, email address, application user account names, and user names on social media platforms.
1.4 Technical and System Information
Including device identifier (Device ID), date and time of access to our systems, IP address, username, PIN, device information, approximate geographic location, operating system, mobile network information, computer usage information, website browsing data, and application usage data.
1.5 Transaction Data
Including data relating to payments made by you, the date and time of payment, details of the services you receive, payment amounts, service locations, transaction history, and transaction status.
1.6 Sensitive Personal Data
Including religion, health information, race, ethnicity, or other categories of Personal Data defined as “sensitive” under applicable law. We will collect, use, or disclose such data only where we have a clear legal basis to do so and/or have obtained your explicit consent, unless the law provides otherwise.
If you have provided us with personal information of a third party, please inform that individual about this privacy policy and/or obtain their consent.
We will collect information from minors, individuals who are legally incapacitated, or individuals who are incapacitated only when we have obtained consent from a legitimate representative, guardian, or custodian of the minor. In the event that we become aware that we have collected personal information from any individual under the age of twenty, an individual who is legally incapacitated, or an incapacitated individual without obtaining consent from a legitimate representative, guardian, or custodian, we will take immediate action to delete such information or process only the portion of the data that we can act upon based on other legal grounds apart from obtaining consent.
2. Specific Policy for Face Data Management
The Company recognizes the importance of identity-related information and has therefore implemented strict policies regarding the processing of face-related data within the Capture Wow application, as set out below.
Important for Apple / App Store:
This section clarifies that we do not store raw face images or biometric face templates for recognition; we process only mathematical vectors that cannot be reverse-engineered into a face image and are used solely to support core app functionality.
2.1 Data We Process
The Company uses facial detection technology to analyze “facial landmarks” (such as relative points on the facial structure) and converts these landmarks into mathematical data in the form of vectors (the “Facial Landmark Vectors”) solely for the purposes of matching and searching photos.
- Nature of the data: The processed data consists only of mathematical numerical values and not image files.
- Irreversibility: These vectors cannot be reverse-engineered or reconstructed into a photo or image of a person’s face. They are not stored or used as facial templates or biometric identifiers capable of directly identifying an individual on their own.
For the avoidance of doubt, the application does not store raw face images as biometric templates, and does not create or retain face recognition profiles for identification purposes. We also do not permanently retain raw face data.
2.2 Purpose of Use
The processing of the Facial Landmark Vectors is strictly limited to the core functionality of the application, including:
- Filtering and indexing photos that contain similar facial structures;
- Enabling users to conveniently search for photos of themselves within an event’s photo library.
The Company confirms that such data:
- Is not used for marketing or advertising;
- Is not used for behavioral tracking or profiling;
- Is not used for surveillance or any purpose unrelated to providing the Capture Wow services.
2.3 Data Retention and Security
The Company needs to store the Facial Landmark Vectors in order to maintain the continuity and functionality of photo search features within the application. Our practices are as follows:
- Scope of Storage: We store only the mathematical vector values derived from facial landmarks. We do not store raw face images as biometric templates in any permanent identity database for recognition or authentication purposes.
- Retention Period: The Facial Landmark Vectors are retained only for as long as your user account remains active, or until you request deletion of such data or deletion of your account, whichever occurs earlier. The vectors are stored solely to enable ongoing photo matching and search functionality for your account.
- Right to Deletion: If you delete your user account or withdraw your consent (where applicable), all Facial Landmark Vectors associated with your account will be permanently deleted from our systems without undue delay, subject only to any retention required by law.
We implement appropriate technical and organizational security measures to protect the Facial Landmark Vectors and other Personal Data against unauthorized access, loss, misuse, alteration, or disclosure
2.4 Disclosure and Cloud Storage
The Company has no policy to sell, trade, or otherwise transfer Facial Landmark Vectors or any face-related technical data to third parties for marketing or advertising purposes.
However, to provide our services efficiently and reliably, the Company may store such vector data on cloud infrastructure (“Cloud Storage”) operated by reputable service providers that maintain internationally recognized security standards.
- Role of Cloud Service Providers: Such cloud providers act solely as data processors, providing storage and technical processing services on our instructions only.
- Access Restrictions: Cloud service providers are not permitted to access, view, or use the Facial Landmark Vectors for their own purposes. They may access the data only as necessary to maintain the security and integrity of the systems and to provide the contracted infrastructure services
The Company selects cloud providers that offer appropriate safeguards and requires them to comply with applicable data protection laws and contractual confidentiality obligations.
3. Purposes for Collecting, Using, or Disclosing Personal Data
We may collect, use, and disclose your Personal Data for the following purposes, based on our agreement with you, our legal obligations, our legitimate interests or those of third parties, and/or public interest or the exercise of official authority, as applicable:
3.1 Service Provision
To provide services to you; to enter into written or unwritten agreements and perform the terms and conditions agreed between you and us; to support membership registration and account creation; to enable system activation; to allow the creation of events and the upload and sale of photographs; and to carry out other activities relating to our service terms, including issuing and delivering electronic tickets (E-Tickets) and confirming participation in workshops or other events.
3.2 Marketing and Communications
To provide information about our services; to carry out promotional activities, prize campaigns, and other marketing events arranged by us, our affiliates, and/or our business partners; to send newsletters; to contact you by telephone, email, or other channels; and to process and respond to your inquiries, complaints, or feedback regarding our services.
3.3
Registration and Identity Verification
To identify and/or verify you or your identity, to confirm ownership of accounts, to manage access rights to our systems, and to maintain and update our user databases so that they are accurate and current.
3.4 Service Improvement and Development
To improve, maintain, and develop our systems and services so that they are up-to-date, efficient, and secure. This may include using your Personal Data to enhance the performance and accuracy of our facial detection system and other systems related to our services, while always applying appropriate safeguards for your privacy.
3.5 Data Analytics
To analyze your Personal Data for marketing activities, service development, interest-based and behavioral analytics, and data cleansing; to conduct market research, surveys, evaluations, and statistical analysis; and to categorize and study usage patterns and trends in relation to our services, for the purpose of improving our business plans and service offerings.
3.6 Corporate Transactions
ไFor internal reporting, accounting, and auditing purposes, or in connection with any transfer of business, merger, acquisition, corporate restructuring, or similar transaction, we may transfer your Personal Data to one or more third parties as part of such transaction.
If you are unable or unwilling to provide certain Personal Data when requested, we may be unable to provide some or all of our services to you.
4. Persons to Whom We May Disclose or Transfer Your Personal Data
We may disclose or transfer your personal information to third parties as specified below, and the collection, use, or disclosure of personal information is for the purposes outlined in this privacy policy. Third parties may be located within or outside of Thailand.
4.1 Our Service Providers
We may engage companies, agents, or contractors to provide services on our behalf or to assist us in delivering services to you. In doing so, we may share your Personal Data with external service providers, including but not limited to:
- Banks and financial institutions;
- Marketing, advertising, creative, and communications agencies;
- Administrative and support service providers;
- Data storage and cloud service providers;
- Internet, software, digital media, and information technology service providers, as well as IT support companies.
While providing such services, service providers may need to access your Personal Data. We will disclose only the Personal Data necessary for them to perform their services and will require them to comply with applicable data protection laws and appropriate confidentiality and security obligations.
4.2 Business Partners
We may collaborate with business partners in providing or improving our services or in conducting joint promotional activities. In such cases, we may transfer your Personal Data to those business partners under the conditions of this Privacy Policy and in accordance with applicable law.
4.3 Websites and Social Media Platforms
Our content or advertisements may link to external websites, applications, social media channels, or platforms operated by third parties to promote our business. Such platforms may have their own terms of use and privacy policies that differ from this Privacy Policy. We encourage you to review the applicable terms and privacy policies on those platforms before using them.
4.4 Professional Advisors
Including auditors, legal advisors, and other consultants who assist us in carrying out our business operations. We will disclose Personal Data to such advisors only to the extent necessary and subject to confidentiality requirements.
5. Cross-Border Transfers of Personal Data
We may disclose or transfer your Personal Data to third parties or servers located outside Thailand. In such cases, we will implement appropriate safeguards and procedures to ensure that your Personal Data is transferred securely and that the recipient provides an adequate level of data protection, or as otherwise permitted by law. Where required by applicable law, we will obtain your consent prior to transferring your Personal Data to a foreign country.
6. Retention Period of Your Personal Data
When you complete forms or register for our services—such as opening an account, booking exhibition space, using business matching services, registering to participate in events, exhibitions, seminars, subscribing to newsletters, responding to surveys, or otherwise communicating with us via any channel—we will retain your Personal Data for as long as is reasonably necessary to fulfill the purposes for which it was collected and to comply with legal and regulatory requirements.
In general, we will retain your Personal Data:
- No longer than is necessary for the purposes for which it was collected; and/or
- For the period required or permitted under applicable law (for example, retention periods for accounting or tax documentation).
Once the relevant retention period has expired, we will delete, destroy, anonymize, or otherwise render your Personal Data incapable of identifying you, as appropriate.
7. Cookies, Cache Files, and Tracking Technologies
When you access our website or applications, we use cookies and other tracking technologies to monitor, collect, and store certain information about your use of our services.
- Cookies may be used when you sign in to your account on the application so that the system can remember you and you do not need to re-enter your username and password every time you access the application.
- We may also use cache data to store certain information on your device when you connect to our website or applications, so that some data may be retrieved more quickly on subsequent visits. Your data may be stored as cache files on your computer or mobile device.
You can configure your browser to refuse or delete cookies. However, refusing or deleting cookies may cause some functions of the website or application to operate improperly or be unavailable.
8. Rights of Data Subjects
Subject to applicable law and its exceptions, and after your identity has been verified in accordance with our procedures, you may have the following rights:
8.1 Right of Access
You may request access to, or a copy of, the Personal Data that we collect, use, or disclose about you.
8.2 Right to Rectification
You may request that we correct any Personal Data that is incomplete, inaccurate, or not up to date.
8.3 Right to Restrict Processing
You may request that we suspend the use of your Personal Data in certain circumstances as permitted by law.
8.4 Right to Withdraw Consent
Where we rely on your consent as the legal basis for processing your Personal Data, you have the right to withdraw such consent at any time. The withdrawal of consent will not affect the lawfulness of processing that has already been carried out prior to the withdrawal. However, withdrawal of consent may affect our ability to provide some services to you.
8.5 Right to Erasure
You may request that we delete, destroy, or anonymize your Personal Data so that it can no longer identify you, except where we are required to retain such data to comply with legal obligations or to establish, exercise, or defend legal claims.
Additional rights, such as the right to object to processing and the right to data portability, may also be available under applicable law.
Contact Us
If you wish to exercise your rights in relation to your Personal Data, or if you have any questions regarding your Personal Data under this Privacy Policy, please contact us or our Data Protection Officer (DPO) at:
Capture Mart Co., Ltd. (Capture Mart Co., Ltd.)
Address (109 Phahonyothin 5, Phahonyothin Road, Phaya Thai Sub-district, Phaya Thai District, Bangkok 10400 , Thailand)
Telephone : (085-897-1862)
Email: tech@capturewow.com
Data Protection Officer
Mr. Wuttichai Chivasuttho
Email business@capturewow.com
