This Privacy Policy explains how Mango ("Platform"), operated by TY Technology Co., Ltd. ("Company"), collects, uses, discloses, and protects the personal data of its users.

This policy has been prepared in accordance with the Personal Data Protection Act B.E. 2562 (PDPA) and related legislation.

The Company acts as the "Data Controller" as defined under the Personal Data Protection Act.

2.1 Basic Information

• Full name
• Phone number
• LINE User ID (when logging in via LINE)
• User type (job seeker / employer)
• Nationality
• Work permit information (for foreign workers)

2.2 Usage Behavior Data

• Search and browsing history
• Job application history
• Posted reviews, salary data, and interview experiences
• Points earning and spending history
• Language preferences

2.3 Technical Information

• IP address
• Device type and browser
• Operating system
• Cookie and session data
• Access date and time

We use your personal data for the following purposes:

3.1 Service Provision

• AI-powered part-time job matching
• Account management and identity verification
• Job and application notifications
• Points system and subscription management

3.2 Content Moderation

• Review, salary data, and interview experience moderation
• Detection and prevention of inappropriate or false content
• Complaint handling

3.3 Platform Improvement

• User behavior analysis for experience improvement
• New feature development
• Statistical reporting (aggregated, non-identifiable data)

3.4 Security

• Fraud prevention and illegal usage detection
• Fake account detection and system manipulation prevention
• Legal compliance and court order compliance

We implement appropriate security measures to protect your personal data:

4.1 Encryption
Sensitive personal data is encrypted both at rest and in transit. All communications use HTTPS/TLS protocols.

4.2 Access Control
Only authorized personnel can access personal data. Multi-factor authentication (MFA) is employed, and all access is logged.

4.3 Separated Storage
User identity information and posted content (reviews, salary data, etc.) are stored separately to prevent unauthorized linking of identities to content.

4.4 Security Audits
Regular security audits are conducted, and security measures are continuously improved.

5.1 Data Separation
Reviewer identity data (name, phone, LINE ID) is stored separately from review content in the database, making general linking impossible.

5.2 Displayed Information
When content is published, only general information is shown, such as reviewer type (current/former employee), without displaying personally identifiable information.

5.3 Identity Disclosure
The Company will not disclose the identity of any content author unless:

• Ordered by a court of competent jurisdiction
• Ordered by a government authority legally empowered to do so
• Required under the Computer Crime Act B.E. 2550 and amendments

We use the following types of cookies:

Type	Purpose	Duration
Essential Cookies	Login, session, CSRF token	Session
Preference Cookies	Language settings, display preferences	1 year
Analytics Cookies	Usage statistics, service improvement	90 days

You can disable cookies through your browser settings, but this may affect the functionality of some Platform features.

7.1 Retention Periods

Data Type	Duration
User account data	Duration of active account + 2 years after deletion
Company reviews	Lifetime of platform (anonymized)
Salary data	Lifetime of platform (anonymized)
Interview experiences	Lifetime of platform (anonymized)
Access logs	90 days
Payment data	5 years per tax law

7.2 Account Deletion
When you delete your account, personally identifiable information will be removed within 30 days. Posted content (reviews, salary data, etc.) will remain in anonymized form, as it benefits the user community.

Under the Personal Data Protection Act, you have the following rights:

• Right of Access — Request access to your personal data that we hold
• Right to Rectification — Request correction of inaccurate or incomplete personal data
• Right to Erasure — Request deletion of your personal data, subject to legal conditions
• Right to Object — Object to the processing of your personal data in certain circumstances
• Right to Data Portability — Receive your personal data in a machine-readable format
• Right to Restrict Processing — Request restriction of processing of your data in certain circumstances
• Right to Withdraw Consent — Withdraw previously given consent at any time, without affecting the lawfulness of prior processing

To exercise these rights, please contact the Data Protection Officer (DPO) as detailed in Section 10.

9.1 Data Transfer
Your personal data may be transferred to servers located outside Thailand in the following cases:

• Use of cloud services with servers in other countries
• Use of AI services from foreign providers
• Multi-region data backup

9.2 Safeguards
When data is transferred internationally, the Company will:

• Verify that the destination country has adequate data protection standards
• Use contracts with data protection provisions with service providers
• Encrypt data in transit

Data Controller
TY Technology Co., Ltd.
Bangkok, Thailand

Data Protection Officer (DPO)
Email: dpo@mangojobs.th
LINE Official: @mangojobs

We will respond to your request within 30 days of receipt.

Supervisory Authority
If you are dissatisfied with how we handle your personal data, you have the right to lodge a complaint with the Personal Data Protection Committee (PDPC).