Privacy Policy

Last updated: January 28, 2026

237 Solutions Group Co., Ltd. ("Company") takes the protection of personal data of our users seriously. This policy explains how we collect, use, and disclose your information in accordance with the Personal Data Protection Act B.E. 2562 (PDPA).

1. Information We Collect

We collect the following information to provide our services:

• Personal information: Full name, Email, Phone number
• Business information: Shop name, Address, Business type
• Usage data: Booking history, Points collection, Transaction history
• Financial information: Wallet balance, Top-up history (no credit card data stored)
• Location data: Approximate location for finding nearby shops (Customer App)
• Photos and videos: Profile picture, Payment slip images, Feedback images/videos
• Device information: Device Token, Platform (iOS/Android), App version

Data from LINE Login

If you log in via LINE, we receive the following information:

• LINE User ID
• Display Name
• LINE Profile Picture
• Status Message

2. Purpose of Data Use

• Provide queue booking and membership services
• Send queue notifications (Push Notification)
• Process payments and wallet transactions
• Loyalty points system and reward redemption
• Improve and develop services
• Communicate about services and promotions
• Analyze data to improve user experience
• Comply with applicable laws

3. Information Disclosure

We will not sell or disclose your personal information to third parties unless:

• We have your consent
• Disclosure to shops where you use services (only information necessary for service)
• Disclosure to third-party service providers who help us operate (see Third-Party Services)
• Required by law or court order

4. Third-Party Services

We use the following third-party services:

• Firebase Cloud Messaging (Google): For sending Push Notifications
• LINE Login / LINE Messaging API: For authentication and LINE notifications

These services have their own privacy policies, and we do not control how they manage your data.

5. Data Security

We use appropriate security measures including:

• Data encryption in transit (SSL/TLS - HTTPS)
• Encryption at rest
• Role-based access control
• Regular security audits
• Password hashing (bcrypt)

6. Data Retention

We retain your data for the following periods:

• User account data: Duration of service + 2 years after account deletion
• Booking history: 3 years
• Financial transaction data: 7 years (legal requirement)
• Usage logs: 1 year

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Remember your login
• Improve user experience
• Analyze usage to develop services

You can disable cookies in your browser settings, but this may affect some features.

8. Data Subject Rights

You have the following rights under the Personal Data Protection Act (PDPA):

• Right to access your personal data
• Right to correct data
• Right to erasure (Right to be Forgotten)
• Right to data portability
• Right to object to data processing
• Right to withdraw consent
• Right to lodge a complaint with the supervisory authority

To exercise any of these rights, please contact us using the channels below. We will respond within 30 days.

9. Children's Data

This service is not designed for individuals under 20 years of age. If you are a parent and learn that your child has provided data without consent, please contact us to delete such data.

10. Policy Changes

We may update this privacy policy from time to time. Significant changes will be notified through the application or email.

11. Contact

If you have questions about this privacy policy or wish to exercise your PDPA rights, please contact: