Privacy by design

Last updated: Monday, 9 May 2022
This Privacy Policy (“Policy”) describes how Beam Data Co., Ltd. (“Company”, “we”, “us”, and “our”) works with an entity or person (“Users”, “data subject”, “you”, and “your”) who is registered with Beam to receive certain payment processing, technology and other services (“Data & Payment Service”), when you sign up to our newsletter or any marketing campaigns (“Newsletter”), and when you visit our website (“Website”) (Data & Payment Service, Newsletter, Website and Lighthouse are collectively referred to as “Services”).

The terms “Data Controller”, “Data Processor” and “Personal Data” used herein will have the same meanings as prescribed by the applicable law.

1. What data do we collect?

As advocates of human ‘data’ rights, each individual’s privacy is our top priority, thus we refrain from collecting and processing any directly personal identifiable information and/or data irrelevant or unnecessary for the specified purposes.

Instead, we only collect the following Personal Data for the purposes specified in section Why do we collect your Personal Data? and Why do we process your Personal Data?
  1. Phone number and/or email address; and,
  2. Any data submitted as part of a payment; and,
  3. Any data stored in your web-based Personal Data Locker (not mobile app); and,
  4. Any data submitted by your customers (for Business users only); and,
  5. Information about your devices and access logs.
It is important to note that your Personal Data submitted to any business from the use of our Services is not in our control as we process your Personal Data only pursuant to the instructions given by you and received by our Business partners (i.e. Businesses who own the forms or payment requirements). We recommend that you carefully read the privacy policy or privacy notice of each business (where applicable) before proceeding with any submission of Personal Data or making a payment.

2. How do we collect your data?

We collect your Personal Data detailed above in two different ways:
  1. When you voluntarily submit/receive a filled-in form or make a payment through the Services or when you sign up to our Newsletter; and
  2. Data collected automatically – meaning, if you use the website, web app or mobile app, we may use tools to gather information automatically.

3. Why do we process your data?

We process your Personal Data strictly for the following purposes only:
  1. To register and identify your account and allow you to use your account on multiple devices, this includes that as part of KYC (Know Your Customer) and KYM (Know Your Merchant) requirements by law;
  2. To provide Services to you, including allowing you to transfer your filled-in form or make your payment to the intended Business, or as a Business user, receive Personal Data;
  3. To provide technical support and maintenance for the Services and respond to your requests, questions and feedback;
  4. To analyze, improve and develop our Services; and,
  5. To send you regular updates about our promotions, events, products and Services (on the basis of the consent you have given us).

4. When and to whom is data shared?

Persons whom Personal Data is shared with upon your consent

We strictly share your Personal Data with any of the following persons and organizations in accordance with the voluntary purposes notified by you or where permitted by law:
  1. Businesses (as part of a data and/or payment transaction)
  2. Service providers; and
  3. Official Authorities (as required by law).
International transfer

In the event that we transfer your Personal Data to a foreign country, we will comply with our legal and regulatory obligations in relation to your Personal Data, including:
  1. Having a lawful basis for transferring Personal Data;
  2. Putting appropriate safeguards in place to ensure an adequate level of protection for the Personal Data transferred; and
  3. Ensuring that the foreign recipient is obligated to protect your Personal Data at a standard of protection comparable to the protection under the applicable law.

5. How long do we retain your data?

We will retain Personal Data for the period necessary to fulfill the purposes for which the Personal Data was collected in compliance with our obligations under the applicable laws. Thus, the retention period will vary depending on the purposes for which the Personal Data was collected. Please see below for our non-exhaustive list of retention period for the retained Personal Data:
  1. Email address and/or phone number
    1. Until you delete your Beam account; and,
    2. Until you unsubscribe to our Newsletter.
  2. Any data stored in your web-based Personal Data Locker
    1. Until you delete the respective Personal Data; or,
    2. Until you delete your Beam account.
  3. Any data submitted by your customers (for Business users only)
    1. Until you delete the respective Personal Data; or,
    2. Until you delete your Beam account.
  4. Information about your devices and access logs
    1. Between 1-36 months.
We may sometimes retain your Personal Data for shorter or longer than is necessary for the purposes for which they were collected due to certain legal requirements (e.g. tax and accounting purposes) or legal claims.

After the foregoing period, we will destroy such Personal Data from our archives without notice or any further liability

6. What are your data protection rights

Beam would like to ensure you are fully aware of all your data protection rights. Every user of Beam is entitled to the following:
  1. The right to be informed - You have the right to be informed about how your data will be collected, processed, and stored, and for what purposes. All as stated within this document.
  2. The right to access - You have the right to request Beam for copies of your personal data. Your data is accessible through the mobile application and can be exported (downloadable).
  3. The right to rectification - You have the right to rectify any information you believe is inaccurate right from your web-based or mobile app Personal Data Locker. You also have the right to make certain ratification requests to Beam where required.
If you have a concern about any aspect of our privacy practices, including the way we have handled your Personal Data, please contact us using the contact details provided in the How to contact us? section below. In case of an alleged infringement of applicable privacy laws, you may lodge a complaint with the data protection supervisory authority.

7. Privacy policies of our Business partners and acquaintances

We may have the text and links to external websites of our Business partners and acquaintances. Our Privacy Policy applies only to our Services, upon exiting the mobile application, you should study the external party’s Privacy Policy.

8. Changes to our Privacy Policy

We may revise this Policy from time to time to facilitate changes to our services, security, regulatory or to prevent abuse or harm. The most current version of the Policy will govern our processing of your Personal Data and will always be at

9. How to contact us

If you have concerns about the way we are handling your Personal Data, please let us know immediately through the following contact details. Please advise us of as much detail as possible to comply with your request.

Beam Data Co., Ltd.
Gaysorn Tower, 127 Ratchadamri Road.
Lumpini, Pathumwan,
Bangkok 10330 Thailand

By law, you have certain rights that cannot and will not be limited by this Policy and this Policy is in no way intended to restrict you from those rights.

We really do hope you enjoy using our Services. If you stop using any of our Services and end your relationship with us by closing your account, we would appreciate any feedback for us to continue improving our Services for our society, the greater good.