Политика удаления контента
`markdown
Notice-and-Takedown & Data Removal Policy
Platform: postim.life Marketplace ("Barakhol'ka" / "บาราค่อลก้า")
Operator: wavetech.software (postim.life), registered at [Registered address - to be confirmed on operator formalization] ("we", "us", "the Platform")
Effective Date: 27 June 2026
Governing Law: Kingdom of Thailand
1. Purpose and Scope
1.1 This Notice-and-Takedown & Data Removal Policy ("Policy") establishes the procedures by which any person ("Complainant") may submit a complaint to the Platform regarding:
- (a) infringement of intellectual property rights, including copyright and trade mark rights ("IP Complaint");
- (b) unlawful, prohibited, or harmful content ("Content Complaint"); and
- (c) removal or restriction of personal data ("Data Removal Request").
1.2 The Platform operates as a venue and intermediary that enables independent buyers and sellers ("Users") to publish and view listings. The Platform is not a party to any transaction between Users, is not a seller, buyer, agent, broker, or guarantor, and does not create, edit, or endorse listing content. All listing content is generated exclusively by Users.
1.3 This Policy is published and maintained to support the Platform's safe-harbor protections under:
- the Computer Crime Act B.E. 2550 (2007), as amended in 2017, Section 15, read together with the Ministerial Notification on Service Provider Takedown Procedures issued by the Ministry of Digital Economy and Society ("MDES");
- the Thailand Personal Data Protection Act B.E. 2562 (2019) ("PDPA") and its subordinate regulations;
- the Royal Decree on the Supervision of Digital Platform Services B.E. 2565 (2022) ("Royal Decree"), which entered into force on 21 August 2023;
- the Copyright Act B.E. 2537 (1994), as amended, including its intermediary safe-harbor provisions for notice-and-takedown; and
- the Electronic Transactions Act B.E. 2544 (2001) regarding intermediary status.
1.4 Compliance with this Policy is a condition of Platform safe-harbor eligibility. The Platform will process complaints only through the procedures described herein. Complaints submitted outside these procedures may not receive safe-harbor treatment.
2. Platform Role and Liability Framework
2.1 Venue, not a party. The Platform provides a digital venue for Users to interact. We are not a party to, and exercise no control over, the terms, fulfilment, quality, safety, legality, or availability of any transaction concluded between Users. Responsibility for listing content, including its accuracy, legality, and compliance with applicable law, lies solely with the User who posted that content ("Poster").
2.2 No warranty on listings. The Platform makes no representations or warranties, express or implied, as to the accuracy, completeness, reliability, or fitness for purpose of any listing or any goods or services described therein. The Platform is provided on an "as is" and "as available" basis.
2.3 Safe-harbor conditionality. Our safe-harbor protection under the Computer Crime Act B.E. 2550, Section 15, the Copyright Act safe harbor, and the Royal Decree is conditional on the Platform's compliance with this Policy. We are therefore committed to processing valid complaints expeditiously and in accordance with the mandatory timelines set out in Section 5.
2.4 No editorial role. The Platform does not exercise an editorial role over listing content. Where automated moderation tools are applied, they operate on a keyword or threshold basis and do not constitute adoption of, endorsement of, or material contribution to any listing's content by the Platform. This passivity is essential to our intermediary safe-harbor status.
3. Designated Points of Contact
| Complaint Type | Contact Address | Designated Role |
|---|---|---|
| IP Complaints (copyright, trade mark) | ip@postim.life | IP Compliance Officer |
| Content Complaints (illegal / prohibited) | abuse@postim.life | Trust & Safety Team |
| Data Removal Requests (PDPA / GDPR awareness) | privacy@postim.life | Data Protection Officer ("DPO") |
| Law-enforcement and regulatory authority requests | legal@postim.life | Legal Counsel |
| General legal correspondence | legal@postim.life | Legal Counsel |
| Registered postal address | [Registered address - to be confirmed on operator formalization] | - |
The Platform's DPO has been appointed in accordance with PDPA obligations applicable to data controllers that process personal data of a large volume of data subjects. All data-related correspondence must be directed to the DPO contact address above.
4. Intellectual Property Complaints
4.1 Scope
Section 4 applies to complaints alleging that a listing hosted on the Platform infringes the Complainant's copyright, trade mark, or other intellectual property right, including but not limited to:
- reproduction or distribution of protected photographic or textual works without the rights holder's authorisation;
- trade mark use likely to cause confusion as to the origin of goods or services; and
- sale of counterfeit goods bearing unauthorised trade mark use.
4.2 Required Information
A valid IP Complaint must include all of the following elements. Incomplete submissions will not initiate the removal process and will be returned with a request for the missing information.
(a) Identification of the rights holder. The full legal name, organisation (if applicable), postal address, telephone number, and email address of the rights holder or their authorised representative.
(b) Description of the protected work or mark. A clear and specific identification of the intellectual property right claimed, including, where applicable, registration number and country of registration, and a sample or description of the protected work.
(c) Location of the allegedly infringing content. The specific URL or listing identifier on the Platform where the allegedly infringing content appears.
(d) Basis of infringement. A concise explanation of how the identified content infringes the identified right.
(e) Good faith statement. A statement, made to the best of the Complainant's knowledge and belief, that: (i) the use of the material in the manner described is not authorised by the rights holder, their agent, or applicable law; and (ii) the information in the complaint is accurate.
(f) Identity and authority declaration. A statement confirming that the Complainant is the rights holder or is authorised to act on the rights holder's behalf, together with the Complainant's handwritten or electronic signature.
4.3 Submission
IP Complaints must be submitted by email to the IP Compliance Officer at the address specified in Section 3. The subject line should read: "IP COMPLAINT - [Platform listing ID or URL]".
4.4 Processing Timeline
| Step | Action | Timeline |
|---|---|---|
| 1 | Acknowledgment of receipt | Within 24 hours of submission |
| 2 | Assessment of validity and completeness | Within 2 business days |
| 3 | Temporary restriction of identified content pending investigation | Within 3 business days of a validated complaint (ETDA marketplace standard, Royal Decree) |
| 4 | Notification to Poster of complaint and temporary restriction | Concurrent with Step 3 |
| 5 | Final determination and action (removal or reinstatement) | Within 7 business days of a validated complaint |
| 6 | Notification of outcome to Complainant | Upon final determination |
The 24-hour mandatory takedown period prescribed by the MDES Ministerial Notification applies exclusively to content constituting an imminent threat to national security or content the relevant authority has formally designated as requiring emergency removal. In such cases, Step 3 is compressed to the mandatory 24-hour window.
4.5 Outcome of a Validated IP Complaint
Where the Platform determines that a complaint is valid, we will:
- (a) remove or disable access to the identified infringing content;
- (b) notify the Poster of the removal and the basis for it; and
- (c) record the action for repeat-infringer tracking purposes.
We reserve the right, in our sole discretion, to suspend or permanently terminate the account of a User who accumulates three (3) or more validated IP complaints ("repeat-infringer policy").
4.6 Counter-Notification by the Poster
A Poster whose content has been removed may submit a counter-notification. A valid counter-notification must include:
- (a) identification of the removed content and its location before removal;
- (b) a statement, made under penalty of perjury, that the Poster has a good-faith belief the content was removed as a result of mistake or misidentification;
- (c) the Poster's full legal name, postal address, and email address;
- (d) a statement that the Poster consents to the jurisdiction of the courts identified in Section 10 of this Policy; and
- (e) the Poster's signature.
Upon receipt of a valid counter-notification, the Platform will:
- (i) notify the original Complainant of the counter-notification within 2 business days;
- (ii) allow the Complainant 10 to 14 calendar days to notify us of any court or arbitral proceedings initiated; and
- (iii) if no proceedings are notified within that period, reinstate the content at our discretion.
Submission of a false or materially misleading counter-notification may expose the Poster to civil and criminal liability.
5. Content Complaints (Illegal, Prohibited, or Harmful Content)
5.1 Scope
Section 5 applies to complaints alleging that a listing or any content on the Platform:
- (a) violates Thai law, including the Computer Crime Act B.E. 2550 (Section 14), the Consumer Protection Act B.E. 2522, or the Customs Act B.E. 2560 regarding prohibited imports;
- (b) advertises or facilitates the sale of goods or services in the Platform's Prohibited Items categories, including firearms and ammunition, controlled substances and precursors, counterfeit goods or forged documents, trafficked persons or services, child sexual abuse material, stolen property, pyramid schemes, uncertified medical devices, and unlicensed financial products;
- (c) contains false or misleading information capable of causing public damage (subject to the 7-day mandatory removal period under the MDES Ministerial Notification); or
- (d) threatens national security, public order, or good morals under applicable Thai law (subject to the 24-hour mandatory removal period).
5.2 Required Information
A valid Content Complaint must include:
- (a) the Complainant's name and contact information (email address required);
- (b) the specific URL or listing identifier of the content complained about;
- (c) a description of the alleged violation and the legal or policy provision it is said to breach;
- (d) any supporting evidence (screenshots, references to applicable regulations); and
- (e) whether the Complainant is reporting on their own behalf or on behalf of a third party, and if the latter, in what capacity.
Anonymous complaints will be assessed on a best-efforts basis but may not trigger counter-notification rights for the Poster.
5.3 Mandatory Removal Timelines
| Category of Content | Mandatory Removal Deadline | Authority |
|---|---|---|
| Content threatening national security, causing public panic, or designated by competent authority as an emergency | 24 hours from receipt of valid authority notice or validated complaint | CCA B.E. 2550 s.15 + MDES Ministerial Notification (December 2022) |
| False or distorted data capable of causing damage to the public | 7 days from receipt of valid complaint | MDES Ministerial Notification (December 2022) |
| Prohibited marketplace content (own-initiative or complaint) | 3 business days from validated complaint | Royal Decree B.E. 2565 / ETDA standard |
| Other unlawful content | 5 business days from validated complaint | CCA B.E. 2550; Platform policy |
For complaints submitted by Thai regulatory authorities or law-enforcement agencies with the requisite legal authority, we will act immediately on the authority's instruction without awaiting independent validation, to avoid Platform liability under CCA Section 15.
5.4 Processing and Outcome
The Trust & Safety Team will:
- (a) acknowledge receipt within 24 hours;
- (b) assess the complaint against applicable law and Platform policy within the timelines in Section 5.3;
- (c) where content is removed, notify the Poster, providing the reason and reference to this Policy; and
- (d) notify the Complainant of the outcome.
Removal of content does not constitute an admission of liability by the Platform. We may decline to remove content where we reasonably determine a complaint is unfounded, made in bad faith, or constitutes an abuse of this process.
6. Personal Data Removal Requests
6.1 Legal Basis
Section 6 implements the data subject rights conferred by the PDPA, in particular:
- Section 33 (right to erasure / right to be forgotten);
- Section 34 (right to restrict processing);
- Section 32 (right of access);
- Section 30 (right to withdraw consent).
The Platform is the Data Controller for personal data collected from and about Users. For Users who access the Platform from jurisdictions with additional data protection frameworks (including, by way of awareness, the EU General Data Protection Regulation 2016/679 and equivalent national laws), we apply materially equivalent standards to the extent operationally practicable, recognising that PDPA applies as the lex loci for Thai-based operations.
6.2 Right to Erasure (Right to be Forgotten)
6.2.1 A data subject may request erasure of their personal data held by the Platform where:
- (a) the personal data is no longer necessary for the purpose for which it was collected or processed;
- (b) the data subject withdraws the consent on which processing was based, and there is no other lawful basis for processing;
- (c) the data subject objects to processing under Section 32(1) of the PDPA (legitimate-interests basis) and there are no overriding legitimate grounds;
- (d) the personal data has been processed in violation of the PDPA; or
- (e) erasure is required to comply with a legal obligation under Thai law.
6.2.2 The right to erasure does not apply, and the Platform may refuse a request, where continued processing is necessary for:
- (a) compliance with a legal obligation under Thai law (including tax retention obligations of 5-7 years under the Revenue Code B.E. 2481 and seller verification records required to be maintained for 10 years under the Royal Decree);
- (b) the establishment, exercise, or defence of legal claims; or
- (c) any other purpose permitted under PDPA Section 33.
6.2.3 Where erasure is not available, the Platform will, where technically feasible, offer de-identification or restriction of processing as an alternative, unless the data was processed unlawfully, in which case only full erasure is permissible.
6.3 Right to Opt-Out / Withdraw Consent
A data subject may withdraw consent for any specific processing purpose at any time by submitting a request in accordance with Section 6.4. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal. Withdrawal of consent for processing necessary to provide the core marketplace service may result in account suspension.
6.4 Submission of a Data Subject Access or Removal Request ("DSAR")
Who may submit: The data subject themselves, or a person authorised to act on the data subject's behalf in writing.
How to submit: By email to the DPO at the address specified in Section 3, with the subject line: "DSAR - [Type of Request]".
Required information:
- (a) full name of the data subject;
- (b) email address associated with the Platform account (if applicable);
- (c) type of request (access / erasure / restriction / portability / objection / consent withdrawal);
- (d) specific personal data or categories of data to which the request relates;
- (e) reason for the request (required for erasure and objection requests to enable assessment); and
- (f) copy of a government-issued identity document for identity verification (we will process and then securely delete this verification document).
We will not charge a fee for processing a DSAR unless the request is manifestly unfounded or excessive.
6.5 Response Timelines
| Request Type | Response Deadline | Legal Basis |
|---|---|---|
| Access / Rectification / Objection | 30 calendar days from receipt of complete request | PDPA Section 32-34 |
| Erasure / De-identification | 90 calendar days from receipt of complete request | PDPA + Criteria on Deletion (in force 11 November 2024) |
| Consent withdrawal | Immediate suspension of processing for that purpose; 30 days to confirm action | PDPA Section 30 |
| Data portability | 30 calendar days | PDPA Section 31 |
Where a request is complex or involves a high volume of data, we may extend the 30-day period by up to 60 additional days, notifying the data subject within the initial 30 days of the extension and the reason for it.
6.6 Requests Relating to Personal Data in Listings Posted by Other Users
Where a Complainant seeks removal of their personal data that has been included in a listing posted by another User (for example, their contact details, image, or identifying information), we will:
- (a) treat the complaint as both a Content Complaint under Section 5 and a DSAR under this Section 6;
- (b) assess the listing under our prohibited content policy (personal data of third parties may not be listed without consent); and
- (c) remove the listing or redact the relevant personal data within 3 business days of a validated complaint.
6.7 Cross-Border Data Transfer Disclosure
Personal data may be processed by the Platform's processors and sub-processors located outside Thailand, including cloud infrastructure providers. All such transfers are effected under Standard Contractual Clauses or equivalent transfer mechanisms in accordance with PDPA Sections 28-29 (in force 24 March 2024) and the cross-border transfer rules issued by the PDPC. Details of processing locations and applicable safeguards are set out in our Privacy Policy, available at [URL to Privacy Policy].
6.8 Right to Complain to the PDPC
A data subject who considers that the Platform has not complied with their rights under the PDPA may submit a complaint to the Personal Data Protection Committee (PDPC), Office of the National Digital Economy and Society Commission, at the contact details published on the PDPC's official website.
7. Law-Enforcement and Regulatory Authority Requests
7.1 The Platform will respond to requests from Thai regulatory authorities, law-enforcement agencies, and courts in accordance with applicable Thai law, including the Computer Crime Act B.E. 2550 and the Royal Decree B.E. 2565. We will not disclose User data to third parties, including authorities, except as required by a valid legal order, warrant, or court process, or where we have a good-faith belief that disclosure is necessary to prevent an imminent threat to life or national security.
7.2 Authorities should direct requests to the Legal Counsel contact address in Section 3. We request that all authority requests be accompanied by the relevant statutory authority, case number, and identifying information for the content or data sought.
7.3 Where operationally and legally permissible, we will notify the affected User of an authority request before disclosure, unless such notification is prohibited by law or would impede a legitimate investigation.
8. Anti-Abuse and Bad-Faith Complaints
8.1 Submission of a complaint known to be false, materially misleading, or intended to cause the removal of content without legitimate legal or policy basis constitutes an abuse of this Policy.
8.2 A Complainant who knowingly submits a materially false IP Complaint or Content Complaint may be liable to the Poster or to the Platform for damages arising from wrongful takedown, including under Thai civil law (Civil and Commercial Code B.E. 2468).
8.3 The Platform reserves the right to decline, deprioritise, or refer to legal counsel any complaint that it reasonably believes to constitute abuse of this process, without prejudice to its obligation to act on valid complaints within the mandatory timelines.
9. Record-Keeping and Transparency
9.1 The Platform maintains records of all complaints received, actions taken, and outcomes for a minimum period of:
- (a) 5 years, for IP Complaints and Content Complaints; and
- (b) as required by the PDPC and applicable retention criteria, for DSARs.
9.2 The Platform may publish periodic transparency reports summarising complaint volumes, categories, and takedown rates, without identifying individual Complainants, Posters, or the content of complaints. Such publication is made on a voluntary basis to support accountability under the Royal Decree and international platform governance standards.
10. Governing Law and Dispute Resolution
10.1 This Policy is governed by the laws of the Kingdom of Thailand.
10.2 Any dispute arising from the application of this Policy between the Platform and a User or Complainant that cannot be resolved through the procedures set out herein shall be subject to the non-exclusive jurisdiction of the competent courts of [Bangkok / specify city], Thailand.
10.3 For Users resident in jurisdictions that confer mandatory consumer protection rights, nothing in this Policy limits the User's right to bring a claim before the competent authority or court in their jurisdiction of residence to the extent required by applicable mandatory law.
10.4 For data-protection disputes, the PDPC has jurisdiction to receive complaints, issue enforcement orders, and impose administrative penalties under the PDPA, irrespective of any contractual choice of forum.
11. Policy Updates
11.1 The Platform reserves the right to amend this Policy at any time to reflect changes in applicable law, regulatory guidance, or Platform operations. Amendments will be published on the Platform website with an updated effective date.
11.2 Material changes - in particular, changes to complaint timelines, contact addresses, or data subject rights procedures - will be notified to registered Users by email or in-platform notification at least 14 days before taking effect, to the extent practicable.
11.3 Continued use of the Platform following publication of an amended Policy constitutes acceptance of the amended Policy.
12. Contact Summary
| Purpose | Contact |
|---|---|
| Intellectual property complaints | ip@postim.life |
| Illegal / prohibited content reports | abuse@postim.life |
| Personal data removal / DSAR | privacy@postim.life |
| Law-enforcement / regulatory | legal@postim.life |
| General legal notices | legal@postim.life |
| Postal address | [Registered address - to be confirmed on operator formalization] |
Last updated: 27 June 2026
Version: 1.0-DRAFT
`