Privacy Policy

Library Club Company Limited (the “Company”) is the developer and manager of the platform, namely “ACE Card” for the collection and redemption of loyalty point earned from spending at the restaurant; and for the reservation of restaurant accessible via the application and other type of platform (the “ACE Card”). The Company intends to announce this Privacy Notice (the “Notice”) to inform about the collection, process, disclosure and management of the personal data of the member (the “Member”). Upon the registration of the user account on ACE Card, the Company shall deem that the Member acknowledge and agree to this Notice. In case there is any change in the Notice, the Company shall announce to the Member of those changes via ACE Card and it shall be deemed that the revised Notice become effective upon announcement.

ACE Card Privileges

The Company would like to inform the Member that under the terms and conditions to be defined by the Company, the ACE Card provide the following privileges to the Member: (1) Point Earning – the Member will earn new point from spending and transacting at the restaurant of the Company and the Company’s partners; (2) Point Redemption – the Member can use the point earned to redeem several forms of benefits, including discount coupon; and (3) Other privileges & benefits that the Company may announce and notify the Member from time to time, for instance, the special discount according to the membership tier or the participation in flash deals as well the benefit of being notified of any special privileges and benefits that only the Member can get access to.

Scope of Application

This Notice shall be applicable t the Ace Card membership system and the process of personal data directly by the Company only. It shall not be applicable to the personal data processing undertaken by any third party that may connect to ACE Card. Since the Company does not have any involvement and governance over the process of personal data undertaken by third party, the Company recommend that the Member shall study the privacy notice that those relevant third party may announce and the please note that the Company does not give any representation or warranties to the personal data processed by those third party.

Sources of Personal Data that the Company would process

The Company may receive the personal data of the Member from the following sources: (1) directly obtained from the Member upon the registration for the user account; the transaction undertaken with such user account; and any contact made between the Member and the Company; (2) obtained automatically from the system underlying the performance of ACE Card platform; and (3) obtained directly from the Company’s affiliates or business partner where the Member may make any spending at their respective restaurant or where the Member may use their ACE Card privileges.

Details of the Personal Data to be Processed by the Company

Upon the registration of the user account and the use of the Company’s services on ACE Card, the Company would need to collect, process and use the personal data of the Members with the details of the personal data to be processed, the purpose and retention period as follows:

1. 1. Automatic Processing of the Personal Data during the use of ACE Card

Once the Member use ACE Card, the system will automatically collect, process and use the data relating to the Member’s device used to connect for the use of ACE Card and the behaviourial data of the Member during the use of ACE Card. The Company would need to process those personal data for the purpose of: improving the ACE Card to match the use of its member; and to recommend or display the relevant information that would match the Member’s interest the most; provided that the Company would retain these personal data for the period of time that would be necessity for the Company from the business and technical perspective while ensuring that such process shall not cause excessive impact on the Member as the data subject.

1. Personal Data Processing during the User Account Registration
   • • Personal Data to be Processed: Upon registration of the user account, the Company will collect, process and use the Member’s personal data, including: full name, gender, date of birth, contact information (i.e., telephone number and email address) and may include social media account (i.e., Facebook or Line) that the Member may select to connect for the user account registration;
     • Purpose: The Company would need to process those personal data for the purposes of: (1) verifying the eligibilty and rights of the Member to use the relevant services on ACE Card; (2) providing specific privileges or benefits to each Member; (3) referring the transactions and point earned or redeemed on ACE Card to the relevant Members; and (4) contacting with such Member for the provision of ACE Card privileges pursuant to the terms and conditions to be defined by the Company;
   Retention Period: For the defined purpose, the Company would need to retain the Member’s personal data (i) throughout the time that the Member still haves the user account on ACE Card or until the time that the Member notify the Member in writing that he/she would like to terminate the membership; (ii) 1 year after the termination of the user account for the purpose of the exercise of the legitimate rights of the Company in case there is any dispute or the purpose of data recall in case the Member re-apply the membership; (iii) for the period of time that the Company may be obliged under the laws to retain such personal data; and (iv) in case of the personal data processed with the consent given by the Member, the Company will process such personal data until such Member withdraw his/her consent.
   • Retention Period: The Company would need to process those specific personal data for so long as the Member still has the user account on ACE Card.
2. Personal Data Processing for the use of ACE Card Privileges
   • Personal Data to be Processed: During the use of ACE Card privileges, the Company would need to collect and process the following personal data of the Member: (1) details of the spending transactions that the Member may make at the relevant restaurant of the Company and its business partners, including the spending amount and other transaction details whereby the ACE Card system will process those inforation for the calculation of the point to be earned; (2) details of the the transaction undertaken on ACE Card using the user account of the Member, including without limitation the log-in information, the point redemption and the use of the redeemed privileges and the transaction history; and (3) other personal data of the Member that may contact and disclose to the Member via ACE Card and during the participation in any event hosted by the Company.
   • Purpose:The Company would need to process the personal data as defined for the following purposes:
     1. To ensure the provision of privileges to the Member pursuant to the terms and conditions defined by the Company, the Company would need to process the personal data to (i) verify the eligibility and rights of the Member; (ii) coordinate with the Member for the use of ACE Card privileges or for the participation in the event hosted by the Company; and (iii) in particular calculate the point earning and the total balance of the point and hand over of the privileges that the Member may redeem using the points;
     2. To perform the legal obligations that the Company may have, in particular for the performance of the legal obligations relating to taxes and accounting;
     3. To exercise the legitimate interest that the Company may have without causing excessive impact on the Member’s rights as the data subject, the Company would need to process the personal data of the Member to (i) exercise its legitimate rights in case there any dispute between the Company and the Member and in case there is any fraud in the system; (ii) plan the improvement of ACE Card privileges to match the interest and needs of the Member both as the individual and as the overview and the improvement of the relationship between the Company and the Member through the grievance redress process; (iii) analyze the Member’s profile and interest so that the Company can display the information that would match such profile and interest and the Company can do the lookalike marketing strategy; and (iv) prepare the marketing materials showing the feedback and testimonial for the use of ACE Card privileges and the marketing materials of any event hosted;
     4. With the consent given by the Member, the Company would process the Member’s personal data for such specific purpose the consent is given, including using the personal data to contact and notify the Member of the information other than the direct privileges that the Member shall be entitled to receive as the membership privileges; or sharing the personal data to the Company’s affiliates so that they can do direct marketing to the Member.
   • Retention Period: For the defined purpose, the Company would need to retain the Member’s personal data (i) throughout the time that the Member still haves the user account on ACE Card or until the time that the Member notify the Member in writing that he/she would like to terminate the membership; (ii) 1 year after the termination of the user account for the purpose of the exercise of the legitimate rights of the Company in case there is any dispute or the purpose of data recall in case the Member re-apply the membership; (iii) for the period of time that the Company may be obliged under the laws to retain such personal data; and (iv) in case of the personal data processed with the consent given by the Member, the Company will process such personal data until such Member withdraw his/her consent.
3. Personal Data Processing for Restaurant Reserva onTo ensure the restaurant reservation is completed and to ensure the maximum satisfaction of the Member, the Company would need to process the following personal data of the Member, (i) Member’s current location for so that the Company can direct the Member to the selected restaurant; (ii) reservation information, including date and time of the reservation, number of people and the contact information (i.e., email and telephone number); (iii) any other information that may be relevant to such restaurant reservation.

Disclosure of Member’ Personal Data

Generally, the Company will not disclose the personal data of the Member to any third party, except only in case that the Company would need to disclose the Member’s personal data to the third party who is directly involved in performance of the obligations that the Company may have with the Member; provided that the Company will ensure that the disclosure will be made on the need-to-know basis only. The third parties that the Member’s personal data will be shared to include: (1) the Company’s affiliates and business partner that the Member may make any spending to earn point or may use the redeemed privileges so that the relevant Member privileges will be granted and the Company and the relevant company can do proper reconciliation; (2) the third party service provider who provide services to support the performance of ACE Card, including the IT service provider and other consultant providing services to the Company (i.e., auditor or other consulting firm); (3) the government agency that the Company may be obliged under the laws or government order or judgement to disclose the Member’s personal data to; and (4) in case the Member gives consent to the Company, the Company may disclose the Member’s personal data to any person that the Member defines.

Security of the Personal Data

The Company ensure that the necessary measures to protect the security of the Member’s personal data that is in possession of the Company and to prevent those personal data from being used, accessed, modified, disclosed or destroyed without any authorization and the Company will revisit and improve those security measures from time to time to ensure the compliance with the laws and industrial standards.

Data Subject Rights

The Company respect the rights that the Member have under the applicable law relates to your personal data, including (1) the right to request for access and copy of the personal data or the right to rectify your personal data; (2) the right to request for data portability in case such personal data is retained in the electronic manner that can be automatically sent to third party; (3) the right to object to any personal data processing; (4) the right to request for any deletion or de-identification of the personal data in case any personal data is not needed; (5) the right to request for the suspension of the data processing; and (6) the right to withdraw consent. The Member can contact the Company via ACE Card Customer Service at [custsvc@librarycard.club / LINE Official @acecard] In cae the Member does not want to receive any information from the Company, please contact us at ACE Card Customer Service at [custsvc@librarycard.club / LINE Official @acecard]