top of page
Privacy Policy

The company recognizes the importance of personal data protection, a fundamental right guaranteed by the Constitution of the Kingdom of Thailand and the Personal Data Protection Act B.E. 2562 (2019). No individual shall be subjected to infringement of their personal data rights that results in damage to their reputation, defamation, hatred, or social devaluation.

Everyone has the right to legal protection, and in order to respect individual rights, the company has announced this policy to serve as a guideline for the protection of personal data (Personal Data Protection Policy) of customers and related parties as follows:

2. Personal Data

Personal data means information about an individual that makes it possible to identify that individual, whether directly or indirectly, but excludes information about deceased persons and information about legal entities.

3. Limited Collection of Personal Data

The collection of personal data will be done with a purpose, scope, and using lawful methods to collect and store personal data only as necessary under the Company's objectives. The Company will obtain written and/or electronic consent from the data subject in accordance with the Company's prescribed form. The Company will collect personal data of data subjects, which may include information on race, religion or philosophy, criminal history, health information, biometric data, disability, trade union information, identity, or any other relevant information. The Company will obtain the data subject's consent before collecting such personal data, except...

1. To comply with laws, such as the Personal Data Protection Act, the Electronic Transactions Act, the Anti-Money Laundering Act, the Civil and Criminal Code, the Civil and Criminal Procedure Code, etc.

2. For the benefit of investigation by police officers or for court proceedings.

3. Necessary for the legitimate interests of the Company or of other individuals or legal entities other than the Company.

4. Necessary to prevent or mitigate harm to the life, body, or health of the data subject, and obtaining consent is not possible at that time.

5. Necessary to fulfill a contract to which the data subject is a party and/or a related party, or to act in accordance with the data subject's request prior to entering into that contract.

6. To achieve objectives related to the compilation of historical documents or archives for the public benefit, or for educational, research, or statistical purposes, the company or authorized government agency may implement appropriate personal data protection measures.

 

4. Data Security and Quality Measures

The company recognizes the importance of maintaining the security of personal data. Therefore, the company has established appropriate security measures to protect personal data from loss, unauthorized access, destruction, use, alteration, or disclosure. These measures also prevent the unauthorized use of personal data.

Personal data, such as name, age, address, telephone number, national identification number, or any other information that can identify the individual data subject and is accurate, will only be used for the company's operational purposes. The company will protect personal data using appropriate measures to safeguard the rights of data subjects.

5. Purposes of Collecting, Storing, and Using Personal Data

The company will collect, store, and use personal data for the benefit of providing services to data subjects, including services of interest such as news services, electronic services, or for market research and promotional activities, or for the purpose of analyzing and presenting any services or products of the company, or individuals who are vendors or associated with the company, and/or other individuals. And for any other purposes not prohibited by law and/or to comply with any laws or regulations applicable to the Company, both present and future, including consent to the Company sending, transferring, and/or disclosing personal data to the Company, its business groups, trading partners, external service providers, data processors, agencies, organizations, or any legal entities that have contracts with the Company or have relationships with it, by consenting to the Company sending, transferring, and/or disclosing such data both domestically and internationally. The Company will retain such personal data only for the period necessary for those purposes. If the Company amends or changes the purposes for collecting such personal data, the Company will notify the data subject at a later date.

 

6. Restrictions on the Use and/or Disclosure of Personal Data

The Company may not use and/or disclose the personal data of the data subject without their consent. Such use and/or disclosure of personal data must be solely for the Company's purposes. The Company will not use and/or disclose the personal data of the data subject beyond these purposes or to third parties, except where there are legal limitations, such as compliance with the law, actions taken for the legitimate interests of the data subject, the Company, or other legal entities, actions to prevent or mitigate harm to life or body, compliance with a contract, and the creation of historical documents or research for the Company or an authorized agency.

Furthermore, the Company may use the information services of third-party service providers to process and store personal data. Such service providers must have appropriate security measures in place and are prohibited from collecting, using, or disclosing the personal data of the data subject beyond what the Company specifies.

7. Rights Regarding Personal Data of Data Subjects

1) Data subjects have the right to request access to or receive their personal data, such as requesting a copy of their personal data according to the criteria and methods determined by the Company, or requesting disclosure of how their personal data was obtained. However, the Company may refuse your request as required by law or by court order.

2) Data subjects can request correction or change of their personal data that is inaccurate, incomplete, or outdated.

3) Data subjects can request the deletion, destruction, or anonymization of their personal data, except in cases where the Company is required to comply with relevant laws regarding the retention of such data.

4) Consent can be withdrawn at any time, unless there are limitations on this right.

5) Complaints can be filed if the data controller or data processor, including their employees or contractors, violates or fails to comply with the Personal Data Protection Act.

8. Rights of Data Subjects whose data was collected by the Company before the Personal Data Protection Act B.E. 2562 (2019) came into effect.

Data subjects may request to exercise their rights under the law, such as withdrawing consent for the Company to collect, use, or disclose personal data before the Personal Data Protection Act B.E. 2562 (2019) came into effect, unless there are limitations on this right. Withdrawal of such consent will not affect the collection, use, or disclosure of personal data for which the data subject has previously given consent.

9. Disclosure of Procedures, Practices, and Policies Regarding Personal Data

The Company has a policy to comply with all applicable laws. The Company will disclose this personal data protection policy and practices. Furthermore, if there are any amendments or updates to such policies and practices, the Company will publish them through company announcements and on the website.

10. Policy Review

The Company will review this personal data protection policy at least once a year, or when the law is amended.

bottom of page