นโยบายความเป็นส่วนตัว | Privacy Policy

Whoscall Privacy Policy (hereinafter referred to as “this Policy”) is provided by Gogolook Co., Ltd. (hereinafter referred to as “the Company”) to clearly explain the policies and procedures for collecting, using, and disclosing personal data obtained from users of the Whoscall website https://whoscall.com/ (hereinafter referred to as “Whoscall Website”) and all services or software provided (hereinafter referred to as “Whoscall Service,” including but not limited to “Whoscall Application” and all related series of services or software launched by the Company). Please refer to the Company’s Terms of Service located at https://whoscall.com/zh-hant/terms for more information on how to manage the data you choose to submit to Whoscall Service.

This Policy applies to data provided by users through Whoscall Service (which may include personal data of non-users, in which case, non-users are also subject to this Policy) and publicly displayed information on the user interface while you are using Whoscall Service.

This Policy may be updated at any time. In case of such changes by the Company, the Company will post the new privacy policy on the Whoscall Website or notify you through the Whoscall Application. For the avoidance of doubt, the Company assures you that Whoscall will protect your personal data and implement security measures including but not limited to limiting access to your personal data, arranging technology to prevent unauthorized and unpermitted access to computer systems and preventing any use of your personal data, without your authorization, for any purpose other than those specified in this Policy.

Definitions

All terms used in the Policy shall have the same meaning as defined in the PDPA unless a specific definition is provided within this section. Furthermore, unless otherwise stipulated in this Policy, the terms used in this Policy shall be interpreted in accordance with the relevant provisions of the Whoscall Terms of Service.

Personal Data

Personal Data refers to identifiable information related to an individual, which can describe, associate, or reasonably link directly or indirectly to an individual (hereinafter referred to as “Personal Data”). The Company will only collect information to provide services and improve the user experience. To provide you with Whoscall Service, the Company may require you to provide Personal Data, and the functionality of Whoscall Service depends on the provision of your Personal Data, such as account and device identification, third-party login, caller identification, SMS identification, number query, blocking or marking, personal data leakage detection, user reporting, etc. You understand that if you do not provide certain necessary Personal Data, Whoscall Service may not be able to fully perform some or all of its functions.

The Company will collect your Personal Data through your use of Whoscall Service, including the following data categories: Phone number, email address, SMS, MMS, contacts, website and domain name you ever browsing or visiting, device information, application usage records, number query or blocking records, tags or annotations you provide for your or related phone numbers, GPS location information inferred or judged by the system, communication service quality, URLs you query, system feedback information and data, your keyword search records, your purchase records (excluding credit card information), communication exchange and device identification data, notification information of other applications in your device, click and search records of other applications in your device, system crash records, system diagnostics, application performance data, Personal Data when you log in through a third party. Please note in the event that the Company collects such personal data from any third-party service provider as above, you will get the notice above of such collection and the associated activities.

Legal Basis and Other Purposes

The legal basis for the Company to process your Personal Data is that such processing is necessary for the Company to provide Whoscall Service, or in certain cases, the processing is necessary for the Company to pursue its “legitimate interests.” Situations where such actions are necessary for “legitimate interests” may include: to protect you, the Company, or others from security threats, to comply with laws that the Company must follow according to Section 24(6) of the PDPA, to share information within the Company’s group entities, to prevent fraud and abuse of the Company’s IT systems, to implement reporting mechanisms, and to conduct internal investigations and audits.

The Company will only collect, process, and use the Personal Data you provide for the purposes notified to you, and will not disclose your data to third parties without your prior consent, except in the aforementioned legal basis situations. The Company will not share your Personal Data with third parties for direct marketing purposes, nor will it sell Personal Data to any third party. For the avoidance of doubt, the Company may disclose personal data to comply with legal obligations, including court orders, and will disclose such information to governmental authorities.

The purposes of the Company collecting and processing Personal Data may include:

1) The Company relies on contractual obligations basis to process your Personal Data in order to, such as:

Process registration requests and verify your identity when registering to create a user account on the Whoscall Service;

Proceed with the registration of membership;

Allow you to access and use the Whoscall Website and Whoscall Service;

Manage your use of Whoscall Service and continue the proceedings in relation to Whoscall Services, and communicate with you;

Manage payment collection and invoicing (if any);

Provide assistance services and handle any contact, inquiries, or requests about the Whoscall Services;

Manage your Whoscall Service account; and

Implement reporting mechanisms for Whoscall Services.

Show the proactive warning signs for specific domains with high risk

2) The Company relies on legal obligations basis to process your Personal Data in order to, such as:

Carry out any accounting and financial activities such as auditing, invoicing, collection of debts, issuance of tax invoices and evidence of transactions as required by law;

Collect or disclose Personal Data to government agencies as required by law; or collect personal data from government entities, courts, or law enforcement agencies in detecting and handling scam and fraud.

Comply with applicable laws and regulations, court orders, or orders of competent authorities, pay legal fees, and establish and exercise legal claim as permitted by law.

3) The Company relies on legitimate interest basis to process your Personal Data in order to for instance,

Improve, optimize, or enhance the Whoscall Website and Whoscall Service, and develop or provide personalized services to you;

Contact you due to your complaint or comments on the Company’s services that you want us to improve;

Process your Personal Data for the purpose of internal auditing, such as subscriber refund data verification.

Ensure network security, to investigate, prevent, or act in reprisal in the event of suspected illegality or fraud, or to safeguard the safety, rights, or property of the Company or of another person;

To share any information within the Company's group entities for the purpose of preventing fraud and abuse of the Company's IT systems;

Enforce or defend this Privacy Policy or the contract between you and the Company; and

Maintain the integrity and security of the Company’s data technology systems that store and process your Personal Data;

To achieve the purpose of developing anti-fraud and scams solutions to support national advocacies and interest to fight against scams and fraud

Market the Company’s products or services and deliver advertisements you may like;

5) In case you are not one of our users, but you made a call to one of our users or received a call from one of our users, we may process your personal data for the following purposes based on our, our users’ and third parties’ legitimate interests:

To provide information to our users at the moment when you contact one of our users;

To communicate with you about the information we hold about you, to correct the information that we may display about you and to respond to your inquiries;

To improve Whoscall service, and for research and analytics purposes;

To administer Whoscall service, and other systems, including troubleshooting, and data analysis, testing, research, statistical and survey purpose

Whoscall Service may access data only under the premise of fulfilling obligations similar to those described in this Policy. The purpose of some service providers' services is to assist the Company in providing, analyzing, and improving Whoscall Service and to assist the Company in detecting and handling data breaches, illegal activities, and fraud to execute the purpose as above. The Company may also share your Personal Data with government entities, courts, or law enforcement agencies to comply with legal obligations, enforce or maintain this Policy, respond to claims, or for certified government or criminal investigation-related requests

You are not obligated to provide any Personal Data to the Company. However, please note that if you do not provide certain data, the Company may not be able to fully provide you with complete services. If you want more detailed information on this aspect, please contact the Company.

Retention Period

The Company will retain your Personal Data only for the reasonable period necessary based on the specific purpose for processing your data. If you consent or have consented to the Company processing your data, the Company will process your Personal Data only during the period when your consent is valid. However, if you uninstall or do not use the Whoscall Application for more than 12 consecutive months, it will be deemed that you have stopped using Whoscall Service, and the Company will delete your Personal Data.

Notwithstanding the above provisions, the Company may still retain your Personal Data as required by applicable laws and regulations, to assist any government and judicial investigation, make or defend legal claims, or for civil, criminal, or administrative litigation purposes. If none of the above reasons apply to the retention of your data, the Company will securely delete and dispose of your data.

Data Controllers, Service Providers, Data Transfer (Cross-border Transmission)

The Company is the data controller of your Personal Data, and the Company will collect and process Personal Data according to the Whoscall Service. Your use of Whoscall Service is subject to the Whoscall Terms of Service.

The Company may transfer your data to third-party service providers subcontracted by the Company. These service providers are limited to assisting the Company in executing, managing, and providing Whoscall Service and may access data only under the premise of fulfilling obligations similar to those described in this Policy. The purpose of these providers' services is to assist the Company in providing, analyzing, and improving Whoscall Service and to assist the Company in detecting and handling data breaches, illegal activities, and fraud, such as customer support, payment partners, technical partners, contractors, or agents who perform functions on our behalf. The Company may also share your Personal Data with government entities, courts, or law enforcement agencies to comply with legal obligations, enforce or maintain this Policy, respond to claims, or for certified government or criminal investigation-related requests. These entities are the recipients of your Personal Data. The Company takes security measures to ensure that your Personal Data is processed in accordance with this Policy and applicable legal requirements, and to ensure that data recipients maintain and process the data under relevant restrictions and conditions.

When you agree to the terms of Whoscall Service and begin using it, your Personal Data will be encrypted and transmitted to Taiwan, where the Company is located, and to the USA and Japan, where our servers are located. We use servers to operate Whoscall Service; Please refer to their Privacy Policy. Servers are essential for providing Whoscall Service, and we need to transfer your data for the entire period you use Whoscall Service. If you do not agree to the cross-border transmission of your Personal Data, please do not use Whoscall Service or apply for the deletion of your Personal Data under this Privacy Policy. However, we will be unable to provide Whoscall Service to you subsequently.

Your Rights Regarding Personal Data

You have the following rights regarding your Personal Data:

Right to Data Portability You can request a copy of your Personal Data collected by the Company at the time or specific parts of it.

Right to Access Data: You can request to take a check or review of your Personal Data collected by the Company at the time or specific parts of it.

Right to Rectification: You can request to revise your Personal Data collected by the Company at the time or specific parts of it.

Right to Erasure: You can request the Company and its third-party service providers to delete your Personal Data.

Right to Object: You can object to the Company’s use of some or all of your Personal Data based on the pursuit of its legitimate interests.

Right to Restrict Data Usage: You can request the Company to restrict the processing or use of some or all of your Personal Data that is no longer necessary to provide services or that the Company legally retains.

Right to Withdraw Consent: You can request the Company to stop use of some or all of your Personal Data to withdraw consent that is no longer necessary to provide services or that the Company legally retains.

Right not to be discriminated against by the Company for exercising the above rights.

Right to lodge a complaint with the competent authority: You can seek all legal relief procedures in accordance with the law for data breach.

You can make the above rights requests through the Whoscall Website, Whoscall Application, by contacting privacy@gogolook.com, or the contact information listed in this Policy. The Company will evaluate your request upon receiving the message and notify you of how it plans to handle it. In specific situations and according to applicable laws and regulations, the Company may refuse to provide you access to data, or refuse to modify, delete, transfer, or restrict the processing of your data. The Company will respond to your request within thirty days of receiving the message. Please note that if you exercise the right to delete data, restrict, or object to the Company’s processing, or exercise the right to withdraw your consent, the Company may not be able to continue to provide you with Whoscall Service.

Security

The Company cares about protecting your Personal Data. To safeguard your data from unauthorized access, the Company will adopt security standards, hardware, and electronic devices that comply with legal requirements in the Company’s location. To reduce the risk of misuse, unauthorized access, disclosure, and loss of access, the Company employs various methods to protect data. Some of these security measures include the use of pseudonyms, data encryption, data hashing, and other techniques and access control methods. When directly processing or accessing your Personal Data, the Company will do so on a secure network and limit the personnel who can access the information through precise access control methods. The Company will encrypt the data you provide and, depending on the service, store the data in third-party storage and devices managed by the Company.

The Company represents and warrants that the Company, its personnel, and employees shall collect, store, use, disclose, and/or transfer any personal data for the performance of the Whoscall Services under this Policy only, unless subject to the extent permissible by applicable laws.

If the Company has sufficient evidence showing that a specific IP address, user, or device is intentionally disrupting or impairing the Company’s operations or service quality, the Company may refuse to provide further services or report such behavior to relevant authorities, or both actions.

Policy Changes

This Policy may be modified over time. In case of any content changes, Whoscall will post the new policy on the Whoscall Website or notify you through the Whoscall Application. These changes will take effect immediately on the effective date specified in the announcement. If you continue to use the services and related applications provided by the Company, it means that you agree to the revisions of this Policy and commit to complying with them. If you object to any such revisions, you should stop using all services and related applications provided by the Company. We recommend that you regularly review this Policy to confirm whether any changes have occurred.

Children Policy

Whoscall Service does not intentionally collect any Personal Data from children under the age of 14. If the parents or guardians of a child discover that the child has provided their Personal Data to Whoscall without prior consent, they should contact us at service@gogolook.com. If Whoscall discovers any Personal Data provided by children under the age of 14, Whoscall will delete all related documents. However, this does not imply that Whoscall has the ability or obligation to prevent or delete Personal Data provided by children under the age of 14.

Links to Other Websites

The Whoscall Website or Whoscall Service may contain links to other websites, but this does not imply any subordinate relationship, authorization, or representation between the Company and the third-party websites. The Company does not have control over third-party websites, and the relevant management regulations of the websites you browse through the Whoscall Website or Whoscall Service will be governed by the terms or policies provided and formulated by the third-party websites. The Company does not assume any responsibility or obligation for the content or behavior of such third-party websites.

Phishing Websites

The Company is very concerned about identity theft and phishing websites. The protection of your Personal Data is one of our main priorities. Whether now or in the future, the Company will not request your credit card information, account identification information, login passwords, or national identification number or equivalent identification codes through non-secure or suspicious emails or phone calls. If you have any questions regarding this Policy, please contact: privacy@gogolook.com.

Chief Privacy Officer and Contact Information

The Company’s Chief Privacy Officer is the highest administrator responsible for personal data protection. If you have any questions or comments regarding this Policy, the contact information is as follows: Address: 6th Floor, No. 319, Section 2, Dunhua South Road, Da'an District, Taipei City The DPO Email: dpo@gogolook.com. ;or privacy@gogolook.com.

Language

This Policy is made in both Thai and English versions, if there is any discrepancy between both two versions, the English version shall prevail.

Privacy Policy Versions

Release Date: 2024/08/13
Release Date: 2023/05/23
Release Date: 2022/01/18
Release Date: 2020/08/28
Release Date: 2020/05/12

Privacy PolicyLast Modified Date: 2024-08-13 18:00:00 (GMT +8)