Title

Privacy Policy

  • Home
  • Privacy Policy

The Company realizes the importance of protecting your personal data in order to receive the Company's products and services. The Company is required to process the personal data of the service users. Therefore, the Company aims to announce this Privacy Policy to inform the rights and duties, including conditions related to the collection, use or disclosure of personal data that the Company will proceed to inform the service users. The Company assures you that all your personal data is important to the Company. The Company guarantees to protect and process personal data with the best appropriate security measures and all your data will be kept confidential. The Company recommends that you read and understand this Privacy Policy to be aware of the purposes for which the Company collects, uses or discloses your personal data, as well as the rights of the owner of the personal data to you, as detailed below.

1. Scope of application

This Privacy Policy under the Personal Data Protection Act B.E. 2562 covers all personal data processing carried out by the Company, including any person who knows the personal data in connection with the Company's operations, who must comply with this Privacy Policy and the framework prescribed by law. For personal data collected before the Personal Data Protection Act B.E. 2562 came into force, the Company can continue to collect and use such personal data for the original purposes. However, disclosure and other actions other than the collection and use of personal data above must comply with the Personal Data Protection Act B.E. 2562.

2. Definition

  • Privacy Policy It means the policy that the Company has established to inform the personal data owner about the Company's data processing and the details as specified in the Personal Data Protection Act B.E. 2562.
  • Personal Data It means information about an individual which enables the identification of that individual, either directly or indirectly, but does not include information about a deceased person in particular.

    However, the following information is not personal data, such as business contact information that does not identify an individual, such as company name, company address, company registration number, work telephone number, work email address such as info@company.co.th,anonymous data or pseudonymous data that has been made unable to identify an individual by technical means (Pseudonymous Data), information on deceased persons, etc.

  • Sensitive Data It means personal data regarding race, ethnicity, political opinions, religious or philosophical beliefs, sexual behavior, criminal history, health information, disability, genetic information, biometric data or any other information that affects the owner of personal data in a similar manner as announced/specified by the Personal Data Protection Committee. Hereinafter in this policy, if not specifically mentioned, “personal data” and “sensitive data” related to the above service users shall be collectively referred to as "personal data".
  • Processing It means any action with personal data such as collecting, recording, organizing, structuring, storing, updating, changing, retrieving, using, disclosing, transmitting, publishing, transferring, combining, deleting, destroying.
  • Data Subject It means a natural person who is the owner of personal data.
  • Data Controller It means a person or other legal entity who has the authority to make decisions regarding the collection, use or disclosure of personal data.
  • Data Processor It means a person or legal entity that performs actions related to the collection, use or disclosure of personal data at the instruction of or on behalf of the data controller, whereby such person or legal entity is not the data controller.
  • Cookies It means a small computer file that temporarily stores necessary personal data on the personal data owner's computer for the convenience and speed of accessing the website.

3. Personal data collected by the Company

  • 3.1 The Company may collect personal data as follows:
    • 3.1.1 Personal Data Such as title, full name, gender, age, occupation, qualifications, job title, position or status, type of business, nationality, country of residence, date of birth, marital status, information on government-issued cards (e.g. national identification card number, social security number, passport number, taxpayer identification number, driver's license information or similar identification documents, etc.), house registration, signature, voice, voice recordings, images, photographs, video recordings, video clips, immigration details such as arrival and departure dates, salary, and other personal information that you have provided to the Company, etc.
    • 3.1.2 Contact details Such as address, shipping details, billing details, communication details, invoice address, telephone number, mobile number, fax number, work phone number, email, LINE ID, Facebook ID, Google ID, Twitter or X ID, and user accounts on other social media websites, etc.
    • 3.1.3 Financial data Such as Credit/debit card or banking information, credit/debit card number, type of credit card, date of issue/expiration date, billing cycle, account details, details and payment history, your information related to risk profile for business partners, credit rating and solvency, information according to risk assessment form (Information in Accordance with the Declaration of Suitability) and other financial information.
  • 3.2 The Company has no policy of collecting sensitive data from you. However, if the Company needs to collect such personal data, the Company will seek your express consent before collecting such personal data or unless there is a legal reason to collect such data without seeking consent.
  • 3.3 You agree not to provide any inaccurate and/or misleading data to the Company and you agree to notify the Company of any inaccuracy or change in such data. The Company reserves the right to request the submission of any additional documents to verify the data you have provided to the Company as the Company deems appropriate.
  • 3.4 If you have provided the Company with personal data of a third party (e.g. beneficiaries, emergency contacts, referrals and referees), such as name, surname, address, telephone number and other personal and contact information for emergency contact, filling out an application or conducting your transaction with the Company. You certify that such data is lawful. Please inform such persons of this Privacy Policy and/or obtain their consent.

4. Sources of personal data collected by the Company

The Company collects or obtains various types of personal data from the following sources:

  • 4.1 Collection of personal data directly from you Personal data that the Company collects directly from the owner of personal data through various service channels, such as:
    • (1) When you access and/or use the Company's services
    • (2) When you submit a form, including but not limited to an application form or any other form related to the Company's products and services, whether online or in paper form.
    • (3) When you enter into any agreement or provide any other documents or information related to your dealings with the Company, or when you use the Company's products and services.
    • (4) When you interact with the Company, such as via telephone, letter, fax, face-to-face meetings, social media platforms and email addresses, including when you interact with customer service agents.
    • (5) When you use electronic services or contact the Company through the website platform or use the services, including but not limited to using cookies, which the Company may deploy when you use or access the website.
    • (6) When you conduct transactions through the Company's services.
    • (7) When you provide comments or complaints to the company.
    • (8) Data that the Company collects from the owner of personal data accessing the website, products or other services under the contract or mission, such as tracking the behavior of the use of the Company's website, products or services by using cookies or from software on the owner's device, etc.
    • (9) When you submit your personal data to the Company for any reason, etc.
  • 4.2 Collection of personal data from other sources
    • 4.2.1 Collection of personal data from other sources, such as public information and/or affiliates (e.g. receiving information from service providers hired by the Company to collect personal data on its behalf), the Company's business partners, agencies for which the Company provides services (including websites and social network usernames of such agencies), official sources, government agencies with reliable databases on individuals, government agencies (e.g. the Revenue Department, the Department of Enforcement, the Ministry of Commerce, the Courts), and from other third parties (e.g. those who refer customers, your representatives, dealers, or any other person authorized by you).
    • 4.2.2 The Company's Platform uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies, which are text files stored on your computer, to help the web platform analyze how users use it. The data generated by the cookies about your use of the web platform (including your IP address) will be transmitted to and stored on servers by Google in the United States. Google will use this information to evaluate web platform usage, compile reports on web platform activity for web platform providers, and provide other services related to web platform activity and internet usage. Google may also pass this data to third parties where required to do so by law or where such third parties process the data on Google's behalf, and your IP address will not be associated with any other data held by Google.

5. Purpose of processing personal data

The Company uses methods of collecting, using, and disclosing personal data in a lawful and fair manner, by storing only personal data necessary for the purpose of contacting, providing services, public relations, or providing information, including surveying opinions of personal data owners on the Company's business or activities, within the Company's operational objectives only or as required by law. If there is a change in purpose, the owner of the personal data will be notified and additional records will be kept as evidence, including compliance with the Personal Data Protection Act.

6. Processing of personal data

The Company will process your personal data with the purpose, scope and use of lawful, transparent and fair methods under the following processing bases:

  • 6.1 Collection of personal data

    The collection of personal data shall be done within the objectives and only to the extent necessary within the framework of the objectives or for benefits directly related to the purpose of collection. The owner of the personal data must be informed before or at the time of collecting the personal data as follows:

    • (1) Purpose of collection
    • (2) Personal data collected
    • (3) In cases where the owner of personal data must provide personal data in order to comply with the law or contract or to enter into a contract, the owner must be informed of the possible consequences of not providing personal data to the owner of personal data.
    • (4) Categories of persons or entities to whom collected personal data may be disclosed.
    • (5) Rights of personal data owners.
  • 6.2 Use of personal data

    The Company will use personal data when it considers it beneficial to you in order for you to receive good services from the Company's business operations. The Company will use personal data in accordance with the law and relevant regulations or to improve the efficiency of the service, including the purposes notified to you under this Privacy Policy, to develop information security standards for risk management, detect and prevent activities that are likely to violate the law, relevant usage regulations or website usage agreements, and to contact you via telephone, SMS, email or post or through any other channels to inquire or inform you, or to check and confirm information, or to survey opinions or to provide any other information related to the Company's products and services as necessary.

  • 6.3 Disclosure of personal data
    • 6.3.1 The Company will disclose your personal data to third parties for the purpose of increasing the efficiency of providing services in various aspects to you or providing other conveniences to you correctly and continuously so that you can successfully complete the transactions you wish and achieve maximum benefit by disclosing personal data in accordance with the objectives or as necessary for the benefits that are directly related to the objectives of collection and must obtain the consent of the data owner beforehand or at that time, except in the following cases, consent is not required.
      • (1) For the benefit of planning, statistics or censuses of government agencies.
      • (2) To prevent or suppress danger to life, body or health of individuals.
      • (3) It is data that is legally disclosed to the public.
      • (4) For the benefit of legal investigations by officials or in the court's consideration of cases.
      • (5) It is in compliance with the law or court order.
    • 6.3.2 The Company may disclose your personal data to third parties, whether they are juristic persons or natural persons, to the extent necessary for the purposes set out in this Privacy Policy, which may include:
      • (1) Affiliates, business partners, subsidiaries and/or external service providers to provide services in offering benefits and other services of the Company to the owner of personal data, including the development, improvement of the Company's products or services, such as data analysis, data processing, credit card operations, providing information technology services and preparing related infrastructure, developing customer service platforms, sending emails/SMS, website development, satisfaction surveys, customer relationship management, whereby there will be an agreement to keep personal data confidential. In the case of a juristic person, there must be a standard for protecting personal data that is accepted.
      • (2) Government agencies or other legal organizations to comply with laws, orders, requests, and to coordinate with various agencies on matters related to compliance with the law.

      The Company will require the recipients of the data to have appropriate measures to protect your data and process such personal data only to the extent necessary and take steps to prevent unauthorized use or disclosure of personal data.

7. Restrictions on use and/or disclosure of personal data

  • 7.1 The Company will use and/or disclose your personal data only with your consent, and it must be used only for the purposes for which the Company collected and stored the data. The Company shall supervise its employees, officers or operators not to use and/or disclose your personal data outside of the purpose for which the personal data was collected or disclose it to external parties except:
    • 7.1.1 It is a compliance with laws such as the Personal Data Protection Act, the Electronic Transactions Act, the Telecommunications Business Act, the Anti-Money Laundering Act, the Civil and Criminal Code, the Civil and Criminal Procedure Code, etc.
    • 7.1.2 It is for the benefit of the investigation of the investigator or the court's consideration of the case.
    • 7.1.3 For your benefit and the request for consent cannot be made at that time.
    • 7.1.4 It is necessary for the legitimate interests of the Company or of an individual or legal entity other than the Company.
    • 7.1.5 It is necessary to prevent or suppress danger to the life, body or health of an individual.
    • 7.1.6 It is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into such contract.
    • 7.1.7 To achieve the objectives related to the preparation of historical documents or archives for public benefit or for study, research, or statistics for which appropriate preventive measures have been provided.
  • 7.2 The Company may use information services of third-party service providers to store personal data, which providers must have security measures in place, prohibiting them from collecting, using, or disclosing personal data other than as specified by the Company.

8. Providing services by third parties or sub-service providers

The Company may entrust or engage third parties (Data Processors) to process personal data on its behalf or in its name, which may provide services such as hosting, outsourcing, or acting as a cloud services provider or in other forms of contract work. In assigning a third party to process personal data as a data processor, the Company will provide an agreement specifying the rights and duties of the Company as a data controller and of the person assigned by the Company as a data processor, which includes specifying details of the types of personal data assigned by the Company to process, including the purposes, scope of processing personal data and other relevant agreements. The data processor is responsible for processing personal data only according to the scope specified in the agreement and as instructed by the Company. It cannot process for other purposes. Where the data processor has assigned a sub-service provider (sub-processor) to process personal data on behalf of or on behalf of the data processor. The Company shall direct the data processor to prepare a documented agreement between the data processor and the sub-processor in a format and standard no less than the agreement between the Company and the data processor.

9. Sending or transferring personal data abroad

The Company may need to send or transfer your personal data to affiliates or other persons abroad or to other recipients as part of the Company's normal business operations, such as sending or transferring personal data to be stored on servers/clouds in various countries in cases where it is necessary to perform a contract to which you are a party or to perform a contract between the Company and other persons or juristic persons for your benefit or to take action at your request before entering into a contract or to prevent or suppress dangers to your life, body or health or that of other persons, to comply with the law or to perform a mission for important public interest.

In cases where the destination country has insufficient standards regarding personal data protection. The Company shall supervise the sending or transfer of personal data in accordance with the law and shall take action to have measures to protect personal data that it deems necessary and appropriate in accordance with the confidentiality standards, such as having a confidentiality agreement with the recipient of the data in such country or in the case that the recipient of the data is a company affiliated with the same business/industry, the Company may choose to use the method of having a privacy policy that has been reviewed and certified by the authorities under the relevant law and shall take action to ensure that the sending or transfer of personal data to the company affiliated with the same business/industry is in accordance with such personal data protection policy instead of taking action as required by law.

10. Storage and retention period of personal data

The Company will retain your personal data for the period necessary while you are a customer or continue to use the Company's services or for the period necessary to achieve the objectives related to this policy, which may be required to be retained thereafter if required or permitted by law, such as storage under the Anti-Money Laundering Act, storage for the purpose of verification in case of possible disputes within the statute of limitations as prescribed by law for a period not exceeding 10 years.

The Company will delete or destroy your personal data or make it unidentifiable when it is no longer necessary or when the said period has expired.

11. Use of Cookies

Cookies are information that we send to the computer or device via the personal data owner's web browser in the event that the personal data owner accesses the Company's website or other online channels and installs such information on the personal data owner's system. If cookies are used, the Company's website will be able to record or remember the data of the owner of the personal data until the owner of the personal data leaves the web browser or until the owner of the personal data deletes the cookies or does not allow the cookies to work anymore.

The use of cookies will make it more convenient for your personal data to use the services via the Company's website because cookies will help remember the websites that your personal data visits. The Company may request your consent to use the information that cookies have recorded or collected in the following cases:

  • (1) To use for statistical analysis of website usage or in other Company activities.
  • (2) To develop the website, content, and other things within the website to meet user needs.

The Company will use cookies to improve or enhance the efficiency of the website. They will be collected upon consent from the visitor to the Company's website and no marketing information, tracking, or interest of the website visitors will be collected to do any marketing to the website visitors.

12. Right to link to third party websites

When using the Company's website, there may be links to social networks, platforms and other websites operated by third parties. The Company endeavors to link only to websites that comply with privacy standards. However, the Company is not responsible for the content or privacy standards of other websites, unless otherwise stated. Any personal information you provide to such third party websites will be collected by such parties and is subject to such third party's privacy notice/policy (if any). In such cases, the Company has no control over, and is not responsible for, such third parties' use of your personal data.

13. Security measures for personal data

The security of your personal data is important to the Company and the Company has implemented appropriate technical and managerial security measures to protect personal data from loss, unauthorized access, use or disclosure, misuse, alteration and destruction by using security technologies and procedures such as encryption and restricting access to ensure that only authorized individuals have access to your personal data and that these individuals are trained on the importance of protecting personal data. The Company has appropriate security measures in place to prevent the loss, access, use, alteration, modification, or disclosure of personal data from persons who have no rights or responsibilities related to such personal data, and will review such measures when necessary or when technology changes in order to maintain appropriate security.

The Company shall not be liable for any damages resulting from the use or disclosure of personal data to third parties, including negligence or neglect to log out of the system that the data owner has used by the action of the data owner or other persons who have been authorized by the data owner.

14. Data owner rights

You have the following rights:
  • (1) The right to withdraw your consent for the Company to process your personal data.
  • (2) The right to access and receive a copy of personal data that the Company has collected, used and disclosed.
  • (3) Your right to request portability of your personal data.
  • (4) Your right to object to the processing of your personal data.
  • (5) Your right to object to the processing of your personal data.
  • (6) Your right to suspend the use of your personal data.
  • (7) The right to request correction of your personal data to be accurate, current, complete and not misleading.
  • (8) The right to lodge a complaint in the event that you believe that the Company or its officers or agents have violated your rights under the Personal Data Protection Act B.E 2562.

Any request to exercise your rights as stated above must be in writing and the Company will use its best efforts to act within a reasonable time and not exceeding the time limit prescribed by law. The Company will comply with legal requirements regarding your rights as a data subject. The exercise of your rights under Section 14 may be restricted under relevant laws, and in some cases there are necessary circumstances where the Company may refuse or be unable to act on your request to exercise the above rights, such as having to comply with the law or court order for the public interest, the exercise of rights may infringe on the rights or freedoms of other persons, etc. If the Company rejects the above request, the Company will inform you of the reason for the rejection. The Company reserves the right to charge any service fees related to and necessary for the processing of personal data as requested by you.

15. Changes to the Privacy Policy

The Company will review the Privacy Policy regularly to ensure compliance with applicable practices and laws and regulations. If there are any changes to this Privacy Policy, the Company will notify you of any significant changes to this Privacy Policy along with the updated version through appropriate channels. The Company recommends that you check this Policy periodically for any changes.

16. Applicable Law

You acknowledge and agree that this Privacy Policy shall be governed by and construed in accordance with the laws of Thailand and that the Thai courts shall have exclusive jurisdiction over any disputes that may arise.

17. Compliance with Privacy Policy and contact channels

In case you have any questions or suggestions regarding this Privacy Policy or compliance with this Privacy Policy. The company is happy to answer questions and listen to your suggestions. You can contact the company at "Contact Us". You agree that the Company's discretion is final.