Privacy Policy

Effective Date: 22 October 2025

Data Controller: Basketeer Group Co., Ltd.
893 Pattanakarn Road, Soi Pattanakarn 11, Sub District Suanluang, District Suanluang, Bangkok 10250
Email: [email protected]

1. Scope and Application

This Privacy Policy explains how Basketeer Group — including its brands Basketeer, Flowers by Basketeer, and Charlotte Bakery — collects, uses, and protects your personal information.

We are committed to safeguarding your privacy in accordance with Thailand's Personal Data Protection Act B.E. 2562 (PDPA) and relevant international standards such as the General Data Protection Regulation (GDPR).

This policy applies to all websites, mobile applications, social media channels, online stores, and physical locations operated by Basketeer Group.

It covers personal data collected from:

• Customers placing orders online or in-store
• Visitors browsing our websites
• Users interacting with us on social media
• Recipients of marketing communications

2. Information We Collect

Personal Information

• Full name, address, email, and telephone number
• Delivery and billing details
• Payment information (processed securely via authorised gateways)

Account and Transaction Data

• Order history and preferences
• Customer account and loyalty programme details

Digital and Usage Data

• Cookies, IP addresses, device identifiers
• Browsing behaviour and analytics data

Communication Data

• Messages, reviews, or feedback sent via our contact forms, LINE, Meta, or email

3. How We Use Your Information

We use personal data as necessary for our business operations and your service experience, including to:

• Process and fulfil your orders
• Manage deliveries, returns, and after-sales support
• Improve our products, websites, and customer experience
• Send offers, updates, and promotions (with your consent)
• Ensure compliance with applicable laws and fraud prevention

We do not sell or rent personal data to third parties.

4. Legal Basis for Processing

We process your data under one or more lawful bases:

• Consent (e.g. for marketing subscriptions)
• Contractual necessity (e.g. to process your order)
• Legal obligation (e.g. tax or accounting records)
• Legitimate interest (e.g. service improvement or fraud prevention)

5. Data Sharing and Third Parties

We may share data with trusted service providers who assist in our operations, including:

• Payment gateways (e.g. Omise, Stripe, PayPal)
• Delivery partners (e.g. Kerry, Flash, Grab)
• Marketing and analytics platforms (e.g. Meta, Google, LINE)
• IT and hosting providers supporting our systems

All partners are bound by strict data protection agreements and may not use your data for their own purposes.

6. Facebook Login (Meta Platforms)

If you choose to sign in or interact via Facebook Login, we may receive information from Meta such as your public profile (name, email, profile ID) according to your permissions. We use this data solely to verify your identity, personalise your experience, and provide our services.

You can revoke data access or delete our app connection anytime under:
Facebook → Settings & Privacy → Settings → Apps and Websites.

For Facebook user data deletion, please follow our Data Deletion Instructions.

7. Cookies and Tracking

We use cookies and similar technologies to:

• Enable website functionality
• Analyse performance and improve user experience
• Personalise marketing content

You can manage or withdraw your cookie preferences through your browser settings or our on-site cookie management tool.

8. Data Retention

We retain data only as long as necessary for its purpose or as required by law.

Typical retention periods:

• Customer orders and transactions: 7 years
• Marketing consent and communications: 3 years (renewable)
• Analytical and cookie data: 1 year

After these periods, data is securely deleted or anonymised.

9. Your Rights

Under Thailand's PDPA, you have the right to:

• Access and request a copy of your personal data
• Request correction of inaccurate data
• Withdraw consent for processing
• Request deletion or anonymisation of your data
• Object to or restrict processing in certain cases

To exercise these rights, contact [email protected].

For Facebook Login users, please also refer to our Data Deletion Instructions.

10. Data Security

We apply multiple layers of protection, including:

• Secure servers and encryption
• Restricted access and employee confidentiality policies
• Regular security reviews and compliance checks

While we take all reasonable precautions, no system is entirely risk-free; we continuously monitor and improve our safeguards.

11. International Data Transfers

If personal data is transferred or stored outside Thailand (e.g. on global cloud services), we ensure that appropriate safeguards such as standard contractual clauses or equivalent protections are applied.

12. Updates to This Policy

We may update this policy to reflect operational or legal changes. Any updates will be posted on our official websites with a revised effective date.

13. Contact Us

If you have questions or concerns about how we handle your data, please contact:

Basketeer Group Co., Ltd.
893 Pattanakarn Road, Soi Pattanakarn 11
Sub District Suanluang, District Suanluang, Bangkok 10250

Email: [email protected]