Personal Data Protection Policies for customers, suppliers, and visitors.
In accordance with the Personal Data Protection Act, B.E. 2562 (2019), the personal information of all customers, suppliers, and visitors is secured, used, and transferred safely. Policies and procedures on personal information used by the company strictly comply as follows
The company fully respects the personal rights of all customers, suppliers, and visitors.
The company shall request personal information of customers, suppliers and visitors as necessary to conduct business or as required by law or the competent authority.
Personal information shall be secured safely and confidentially.
The company shall determine roles and responsibilities of the data controller, data analyst, and authorisers as well as clear inspection and accessible processes to ensure the safety of data.
Customers, suppliers, and visitors have the right to view, request, and access to the data at any time and shall have to notify the company when there is any change in their personal information or submit information to the company or the competent authority as needed.
Personal information of foreign customers, suppliers, and visitors shall be secured safely at the same standard as the Thais.
Personal information of customers, suppliers, and visitors needed by external authorities shall need a warrant and relevant official documents to be presented to the director or data controller for approval every time.
Sending customers, suppliers, and visitors’ information to government agencies on a regular basis or as required by law such as the Revenue Department shall be done confidentially and be recorded as evidence.
In the case of personal information required by the government authorities or inspection agencies such as auditors, personal data shall be reported confidentially and be recorded as evidence.
Customers, suppliers, and visitors’ information shall be approved by Managing Directors or an attorney and shall be done according to the law before sending that information abroad.
Personal information secured by the company is considered necessary as the company shall store and retain as the owner of the data. Anyone who violates, damages in whole or in part, or uses this information as personal benefit shall be punished as well as liable for the full extent according to the rate prescribed by law. The company shall also charge all legal expenses caused by violators.
The process of using, inspecting, reviewing, or processing related to personal information shall be done confidentially and in good faith.