Privacy Policy



Food Fight Limited (the “Company”, “we”, “us”, or “our”) recognizes the importance of the protection of personal data. We commit to carefully and sensibly collect, use and disclose your personal data while giving you the very best experience and customer services.


This privacy policy (this “Privacy Policy”) applies to our website, mobile applications, contact center, social networking sites, online communication channels, and other locations where we collect your personal data for providing information on the collection, use and disclosure of personal data of our customers, commercial partners, visitors, employees and other persons who are necessary for the operation of our business (“You” or “Your”) in accordance with Section 23 of the Personal Data Protection Act B.E. 2562 (2019) (“PDPA”).


  1. Personal Data that we collects, uses and discloses

We needs to collect, use and disclose your Personal Data as follows:

Category Examples of Personal Data which the Company collects, uses and discloses
Identification personal details Name-surname, date of birth, ID number, passport number, gender, age, nationality, photo, autograph
Contact details Address, telephone number, email address, LINE ID and other social media accounts
Data connecting with usage of computer system IP address, user account, cookies and website access records
Employment details Education records, work records, marital status, conscription status, licenses, information relating to welfare and benefits, operation information, disciplinary information, personal data of third persons (family members, work guarantors, reference persons and emergency contact persons) and social security information
Sensitive personal data  


  1. Our activity, purpose and lawful basis of the collection, use and disclosure of your personal data
Lawful bases Activity/Purpose for collection, use and disclosure of personal data
Legal obligation 1.          Comply with any applicable laws and regulations of regulatory authorities as well as court orders or other government agencies including in relation to personal data protection, tax , labour, social security and immigation.
Performance of contract

1.         Provide our services and process any transaction relating to our products and services.

2.         Process payments.

3.         Confirm and/or identify your identity in using our service through any channels or by contacting the Company.

4.         Process your requests or complaints.

5.         Register our business partners, procurement process and any transactions relating to agreement and finance.

6.         Employment to prove and verify the identity of persons to work for the payment of remuneration, provision of welfare and for human resource management.

Legitimate interest

1.         Improvement and development of the company’s business operations and services.

2.         Internal operations to fix our website problems, data analytics, research testing for security, distortion checks and user account management.

3.         Investigate and prevent acts that violate or may violate the law.

4.         Protect the Company’s business operations including protecting your privacy rights, the security of the Company’s property, our employees and you or other persons.

5.         Investigate or conduct internal audits in various fields such as security operational aspects, etc.

6.         Security of the Company’s property including remedying, preventing or limiting damage that may occur.

7.         Business communication with representatives, persons related to our business partners or contracting parties.

8.         Communicate with those who have a relationship with or are related to the Company’s employees in cases of urgent need or to ask for important information related to employees.


1.         Offer you our



In the event you do not provide such personal data to the Company, this may cause a delay in our processes and the Company may not be able to process as you have requested.

  1. Retention period

The Company will retain your personal data while you continue to use our services or still have any relationship with the Company and will continue to retain such personal data for a period of ten (10) years after the termination of your relationship with the Company, after which the Company will delete, destroy or anonymize your personal data except in the case of legal necessity or technical reasons. However, the Company may have to retain your personal data for a longer duration, as required by applicable law.

  1. Disclosure of personal data

Access to your personal data is restricted to individuals who need to know in order to perform their work and responsibilities to achieve the objectives below.

The Company may, however, disclose or forward your personal data to third parties or other data controllers to process your personal data, as follows:

  • Third parties required by law for compliance with the law including the orders of government agencies that are issued under the law.
  • Internal groups of the Company for internal management and marketing purposes where the Company has obtained your consent.
  • Service providers of the Company where the Company may use third-party services to assist in its operations including in relation to software or website development, digital media, transportation, payments and financial systems, research and analytics, auditors, marketing and events, telecommunications, storage and cloud services, printing, attorneys, legal consultants and archiving and shredding as well as other professionals. The Company will require the service providers to take necessary measures to protect the privacy of your personal data. The service providers are prohibited from using your personal data for purposes other than to support the activities or work of the Company.
  • Any person entrusted to manage any interests, intermediaries, contact persons and your representatives.
  • Any person to whom the Company has obtained your order to disclose your personal d


  1. Data security

The Company maintains reasonable security measures for your personal data to protect the unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of your personal data and limit access. Also, the Company requires employees, personnel, agents and recipients of information from the Company to have an obligation to keep your personal data confidentially and secure according to the measures set by the Company, when any action is required in relation to your personal data.

  1. Your rights

You have rights to your personal data under the personal data protection law. You may exercise the following data subject rights unless the Company has grounds to lawfully reject your request:

  • Right to withdraw consent – You have the right to withdraw your consent. The withdrawal of consent will not affect the lawfulness of the collection, use and disclosure of your personal data based on your consent before it was withdrawn.
  • Right to access and obtain a copy – You have the right to access and obtain a copy of your personal data that is retained by us.
  • Right to data portability – You have the right to receive your personal data where we can arrange for such personal data to be in a readable or commonly used form, by way of automatic tools, equipment or format, and such personal data can be used or disclosed by automated means. Also, you have the right to request us to send or transfer your personal data to a third party, or to receive your personal data which has been sent or transferred to a third party by us.
  • Right to object – You have the right to object to the collection, use and disclosure of your personal data where we proceed on a legitimate interest basis, or it is for a direct marketing purpose.
  • Right to erasure – You have the right to request us to delete, destroy or anonymize your personal data in the event we do not need or have no legal right to keep such personal data.
  • Right to restrict – You have the right to request us to restrict the use of your personal data under certain circumstances when there is a pending examination of us in accordance with your request to rectify your personal data or object to the collection, use and disclosure of your personal data, or your request to restrict the use of your personal data instead of to delete or destroy your personal data.
  • Right to rectification – You have the right to rectify your personal data that is inaccurate and to update your personal data in order to avoid any misunderstanding.
  • Right to lodge a complaint – You have the right to make a complaint with the Personal Data Protection Committee or their office where we do not comply with the personal data protection law.


You may exercise your rights by contacting us at the contact information in clause 8. The Company will review and notify the result of your request within thirty (30) days from the date of receipt of the request. The Company may decline to process your request if required by law.

  1. Modification of the Privacy Policy

The Company may modify or amend this Privacy Policy at any time for the purposes of suitability and to be consistent with changes in the Company’s operations and affiliates, or to comply with rules of law that have changed.

  1. How to contact us

In the event you have a privacy concern or question related to this Privacy Policy or would like to exercise your rights, please feel free to contact us at:

Food Fight Limited

Our office:             15 M Towers Building, Room 4-5, Soi Sukhumvit 35 (Charoen Niwet),

Sukhumvit Road, Klong Tan Nua, Wattana, Bangkok 10110

Call Center: 065 529 9554


This Privacy Policy was issued on on [Date] (Version 1.0).