facebook

เว็บไซต์นี้ใช้คุกกี้

เว็บไซต์นี้ใช้คุกกี้

เราใช้คุกกี้เพื่อเพิ่มประสิทธิภาพ และประสบการณ์ที่ดีในการใช้งานเว็บไซต์ กรุณาคลิก ยอมรับ

เพื่อดำเนินการ หรือ อ่านรายละเอียดสำหรับนโยบายคุ้มครองข้อมูลส่วนบุคคล

Privacy Policy Website

Effective Date: 8 June 2026
Last Updated: 8 June 2026
1. Definitions
  • The Virus Information and Technology Co., Ltd., the designer and developer of the CESSTANT CLOUD and MULTISTORE.ME systems, shall hereinafter be referred to as the “Company.”
  • The CESSTANT CLOUD and MULTISTORE.ME systems shall hereinafter be referred to as the “System.”
  • Users of the CESSTANT CLOUD and MULTISTORE.ME systems shall hereinafter be referred to as the “System Users.”
  • Individuals whose personal data is collected shall hereinafter be referred to as the “Customers,” “You,” or “Service Users.”
  • The collection, storage, use, and disclosure of personal data shall hereinafter be collectively referred to as “Processing.”
     
          The Virus Information and Technology Co., Ltd., as the designer and developer of the CESSTANT CLOUD and MULTISTORE.ME systems, recognizes the importance of the personal data of all System Users and Customers that is stored within the System, whether such data is provided through membership registration or entered into the System by System Users.

The Company complies with the Personal Data Protection Act (PDPA), published in the Royal Gazette on 27 May 2019, to ensure and protect the rights of individuals regarding the processing of personal data. The purpose of this Privacy Policy is to inform you of how your personal data is processed.

The Company kindly requests that you read this document carefully to understand the purposes for which your personal data is collected and stored within the System. If, after reading and fully understanding this document, you do not wish for your personal data to be collected, stored, or processed by a System User, you may request the deletion of your personal data by contacting the relevant System User directly.

Personal Data Collection Structure
  • For the CESSTANT CLOUD System The Company provides and licenses the System to System Users, and the System Users are responsible for collecting and maintaining the personal data of their Customers.
  • For the MULTISTORE.ME System The Company acts as the service provider and is solely responsible for collecting, storing, and processing the personal data of Customers.
2. Purpose of Data Collection and Processing
         Collection of Personal Data : To access and use membership services in the System, it is necessary for you to provide personal data that enables the System to identify you. This allows the System User to grant rights or benefits to you as a member arising from the use of the services under the applicable terms and conditions.
Personal data may also be collected and processed for the purposes of improving the quality of products and services, conducting marketing activities relating to products and services, organizing promotional activities, conducting research, market analysis and surveys, preparing statistical data, presenting new products or services to individual members, and preparing quotations, invoices, receipts, tax invoices, and other related documents.

Data Processing: The System processes your personal data under the following legal bases for processing:
 
  • Contractual Basis: When you apply for membership and use the services, it is necessary for you to provide personal data to the System User so that the System User may process such data in connection with providing services in accordance with the membership terms and conditions, including using such data to communicate with you, follow up and notify you of benefits relating to products or services, and respond to your inquiries. If you do not provide such personal data, it may affect the System User’s ability to accept you as a member, provide rights or benefits under the applicable conditions, communicate with you, verify your eligibility to enter into a contract, and verify your identity. This is in accordance with Section 24(3) of the Personal Data Protection Act B.E. 2562 (2019).
     
  • Consent Basis: The System User may use your personal data for processing purposes related to the design or development of products and services, including the presentation or recommendation of products and services, and for marketing activities of the System User. The System User may also collect, use, or disclose your personal data for marketing purposes.
    If you wish to withdraw your consent, you may contact the System User and notify them of your intention in accordance with Section 5.
     
  • Legitimate Interests Basis: The System User may process your personal data for management purposes, the preparation of internal reports within the System User's organization, the management of product or service warranties, the management of accounting credit matters, the maintenance of service standards, risk management, and internal audits. This constitutes processing based on legitimate interests in accordance with Section 24(5) of the Personal Data Protection Act B.E. 2562 (2019).
     
  • Legal Obligation Basis: The System User may process your personal data for compliance with applicable laws and regulations, such as the Securities and Exchange Act B.E. 2535 (1992), the Anti-Money Laundering Act B.E. 2542 (1999), and other laws to which the System User is subject that require the disclosure or submission of personal data. For example, the Civil Procedure Code may empower a court to order parties to submit documents or information for judicial proceedings. This constitutes processing for compliance with a legal obligation in accordance with Section 24(6) of the Personal Data Protection Act B.E. 2562 (2019).

 
3. Personal Data to be Processed and Data Retention Period
The data collected, as well as the retention period, are determined by the System User. The System User specifies the information to be collected and the period for which such information will be retained. In general, the personal data collected may include:
  • Full Name
  • National Identification Card Number
  • Address
  • Contact Address
  • Telephone Number
  • E-mail Address
  • Photograph
  • Credit Information, Credit Limits, and Purchase History
  • Service Usage Information, etc.
     
The data retention period is divided into the following two cases:
  • In the event that the System User continues to use the Company's services, the System does not automatically delete data. The management and administration of such data are the sole responsibility of the System User.
  • In the event that the System User terminates the use of the Company's services, the Company will retain such data for 180 days from the date of service termination. After that period, all data will be permanently deleted.
4. Categories of Persons or Organizations to Whom Personal Data May Be Disclosed
          The System User may disclose the Customer's personal data to the Company for the purposes of data backup, system support, and troubleshooting of the System, in order to carry out the purposes described above, subject to your consent. Personal data may also be disclosed to the System User's auditors, external auditors, and government authorities as required by law.
5. Rights of the Data Subject
  • The right to withdraw consent for the System User to process your personal data.
  • The right to access and obtain a copy of the personal data collected, used, and disclosed by the System User, in cases where such data is collected in documentary form.
  • The right to request the transfer of your personal data.
  • The right to object to the processing of your personal data.
  • The right to request the deletion, destruction, or anonymization of your personal data.
  • The right to request the suspension of the use of your personal data.
  • The right to request correction of your personal data to ensure that it is accurate, up-to-date, complete, and not misleading.
  • The right to lodge a complaint if you believe that the System User, its officers, or its representatives have violated your rights under the Personal Data Protection Act B.E. 2562 (2019).
       
           Any request to exercise your rights as described above must be made in writing. The System User or the Company will use its best efforts to process such requests within a reasonable period and no later than the period prescribed by law. The System User or the Company shall comply with the legal requirements relating to the rights of Customers as data subjects. Limitations on membership services may apply if you request the System User or the Company to delete, destroy, suspend, transfer, object to the processing of, anonymize your personal data, or withdraw your consent. Such requests may result in limitations on the System User's ability to conduct transactions or provide services to you in certain cases, subject to the membership terms and conditions and applicable laws. In exercising the above rights, the System User may reserve the right to charge any fees related to and necessary for carrying out actions concerning your personal data as requested by you, in accordance with the membership terms and conditions between you and the System User.

Personal Data Controller
  • For the CESSTANT CLOUD System Your personal data is managed and maintained by the store or company from which you purchase products or receive services.
  • For the MULTISTORE.ME System Your personal data is managed and maintained by The Virus Information and Technology Co., Ltd.
Developer and System Administrator of CESSTANT CLOUD and MULTISTORE.ME, the Systems Used for Personal Data Storage
  • The Virus Information and Technology Co., Ltd.
  • 8/1 Ladprao 101 Road, Soi 42, Yaek 17 (Thepthawee 5), Khlong Chan Subdistrict, Bang Kapi District, Bangkok 10240, Thailand
  • E-Mail: support@thevirus.in.th | Tel: +66 2 101 2105