TOPUP MORE

Privacy Policy

Last updated: 1 June 2026

This Privacy Policy explains how Topup More (“we”, “us”, “our”) collects, uses, discloses, and protects your personal data when you use our website and services. We process personal data in accordance with Thailand’s Personal Data Protection Act B.E. 2562 (2019) (“PDPA”). By using Topup More, you acknowledge that you have read and understood this policy.

1. Introduction

Topup More is an online store that sells in-game top-up packages and digital game items. This policy applies to all visitors and registered users of our website and related services. It describes what personal data we handle and the choices and rights you have.

If you do not agree with this policy, please discontinue use of the service. We may provide additional notices for specific features where required by law.

2. Information We Collect

We collect the following categories of personal data.

Information you provide to us:

  • Account details — your email address and/or mobile number, password (stored only in hashed form), and display name.
  • Profile information — an optional avatar image and your contact preferences.
  • Identity-verification documents — information and images you submit when verifying your identity, for features that require verification.
  • Transaction details — wallet top-ups, purchases, order history, and the in-game account identifiers you enter so we can deliver your items.
  • Support communications — messages, attachments, and information you share with us through live chat or other support channels.

Information we receive from third parties:

  • Social login — when you sign in with Google, Facebook, or LINE, we receive basic profile information (such as your name, email, and a provider account identifier) according to that provider’s settings and your consent.
  • Payment confirmations — our payment partners notify us whether a payment succeeded or failed. We do not receive or store your full card number.
  • Order fulfilment — we exchange the information needed to deliver your order with our game-content suppliers.

Information collected automatically:

  • Device and connection data — your IP address, browser type, and device information (user-agent).
  • Cookies and local storage — used to keep you signed in and to remember your preferences (see Section 4).
  • Usage and log data — pages viewed, actions taken, and timestamps, which help us operate and secure the service.

3. How We Use Your Information

We use personal data to:

  • create and manage your account and authenticate you;
  • process wallet top-ups, purchases, and refunds, and maintain your wallet balance and transaction records;
  • deliver the digital items you order;
  • provide customer support and respond to your enquiries;
  • detect, prevent, and investigate fraud, abuse, and security incidents;
  • comply with legal, tax, and accounting obligations; and
  • operate, analyse, and improve our service.

Under the PDPA, we rely on the following legal bases: performance of our contract with you, your consent (which you may withdraw), our legitimate interests in running and securing the service, and compliance with legal obligations.

4. Cookies & Local Storage

We use a small number of cookies and browser-storage values that are necessary for the service to function:

  • Authentication cookies — a secure, http-only cookie keeps you signed in and lets us refresh your session.
  • Sign-in handover — a short-lived, http-only cookie is used briefly to complete social login.
  • Preferences — your language and list-view choices are stored in your browser’s local storage.

These are essential to providing the service. You can clear cookies and local storage through your browser settings, but doing so may sign you out or reset your preferences.

5. How We Share Your Information

We do not sell your personal data. We share it only with the following recipients, and only as needed:

  • Payment providers — to process top-ups and payments securely.
  • Game-content suppliers — to fulfil and deliver the items you purchase.
  • Hosting and content-delivery providers — to operate our website and serve images and files.
  • Communication providers — to send emails and SMS messages, such as one-time codes.
  • Identity providers — Google, Facebook, and LINE, when you choose social login.
  • Authorities and advisers — when required by law or legal process, or to protect our rights, our users, and the public.

We require our service providers to protect your data and to use it only for the purposes we specify.

6. International Data Transfers

Some of our service providers operate outside Thailand. Where personal data is transferred abroad, we take steps to ensure it receives a level of protection consistent with the PDPA, such as relying on adequate safeguards or your consent where applicable.

7. Data Retention

We keep your personal data for as long as your account is active and as long as needed to provide the service. We retain transaction and wallet-ledger records for the periods required by tax, accounting, and other laws, even after an account is closed. Identity-verification records are kept for as long as required for legal and fraud-prevention purposes. When data is no longer needed, we delete or anonymise it.

8. How We Protect Your Information

We take reasonable technical and organisational measures to protect your data. Passwords are stored using strong one-way hashing, data is encrypted in transit, access to systems is restricted, and our financial records are kept in an append-only ledger. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work continuously to safeguard your information.

9. Your Rights Under the PDPA

Subject to the conditions of the PDPA, you have the right to:

  • access and obtain a copy of your personal data;
  • request correction of inaccurate or incomplete data;
  • request deletion or anonymisation of your data;
  • request that we restrict or suspend the use of your data;
  • object to certain processing of your data;
  • request the transfer of your data to you or to another controller; and
  • withdraw consent at any time, without affecting processing already carried out.

To exercise any of these rights, contact us using the details in Section 12. You also have the right to lodge a complaint with the Personal Data Protection Committee (PDPC) if you believe your rights have been infringed.

10. Children’s Privacy

Our service is not directed to children below the age at which consent is valid under applicable law. Where a user is a minor, the consent of a parent or legal guardian is required. If we learn that we have collected personal data from a child without the necessary consent, we will take steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “last updated” date above and, where appropriate, provide additional notice. Your continued use of the service after an update means you accept the revised policy.

12. Contact Us

If you have questions about this policy or wish to exercise your rights, please contact us using the details below:

  • Operated by TOPUP MORE CO., LTD.
  • Company registration no.: 0105569099050
  • Email: [email protected]