Privacy Policy

Last Updated: October 2025

CareLink ("we," "our," or "us") is committed to protecting your privacy and ensuring compliance with the Personal Data Protection Act B.E. 2562 (2019) ("PDPA"). This policy outlines how we handle your personal data.

1. Information We Collect

We collect data necessary to provide safe caregiving services. This includes:

• General Personal Data: Name, address, phone number, LINE ID, and national ID copy (for identity verification).
• Sensitive Personal Data: Health data, medical history, disability information, and criminal records (for caregivers). We collect this only with your explicit consent or as required by law.
• Technical Data: IP address, browser type, device information, and usage logs via Cookies.

2. Legal Basis & Purpose of Use

We process your data based on the following legal grounds:

• Contractual Basis: To fulfill the service agreement between you, us, and the caregiver (e.g., matching, billing).
• Consent: Explicit consent is obtained for processing Sensitive Data (Health records).
• Legitimate Interest: To prevent fraud, ensure safety, and improve our platform security.

3. Data Sharing and Transfer

We strictly limit data sharing:

• Service Provision: Relevant health and location data is shared only with the assigned Caregiver to ensure proper care.
• Third-Party Processors: We use secure cloud providers (e.g., Google Cloud) which may process data outside Thailand. We ensure these providers maintain high security standards.
• Legal Compliance: We may disclose data if required by Thai law or court order.

4. Cookies & Tracking Technologies

We use cookies to enhance your experience. You can choose to disable cookies through your browser settings, but this may affect website functionality.

• Strictly Necessary Cookies: Required for the website to function (e.g., logging in).
• Analytical Cookies: Help us understand how visitors use our site (e.g., Google Analytics).

5. Marketing Communications

With your consent, we may send you newsletters or promotional offers via LINE or email. You may opt-out of these communications at any time by contacting us or using the "unsubscribe" link provided in the messages.

6. Security Measures

We implement appropriate technical and organizational security measures to protect your data against unauthorized access, alteration, disclosure, or destruction. This includes encryption (SSL) and strict access controls for our employees.

7. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, or as required by law (e.g., 10 years for financial records). When data is no longer needed, we securely delete or anonymize it.

8. Minors

Our services are not intended for individuals under the age of 20 without parental consent. We do not knowingly collect data from minors. If we discover we have collected data from a minor without consent, we will delete it immediately.

9. Your Rights Under PDPA

You have the following rights regarding your data:

• Right to access and request a copy of your data.
• Right to rectify/update inaccurate data.
• Right to request deletion (Right to be Forgotten).
• Right to withdraw consent (for sensitive data) at any time.
• Right to lodge a complaint with the PDPC (Personal Data Protection Committee).

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the "Last Updated" date.

Contact Us (Data Controller)

If you wish to exercise your rights or have privacy concerns, please contact our Data Protection Officer:

Email: contact@carelinkth.com