The Company will collect your personal data with related authorities under the legal basis for the processing of personal data as follows:

However, if you do not provide Personal Data to us, it may affect your inconveniences and may not be in compliance with our contract. Furthermore, it may affect certain legal compliance which can result in penalties.

For example, Consulting firms and legal consulting firms, telemarketing company, Business partners Banks, agency companies, recruitment agencies external service providers (such as suppliers, vendors, or outsourcing) and/or government agencies or relevant regulatory agencies.

The Company will disclose your Personal Data to other persons or entities under your consent or other legal basis for the purposes specified in this Policy. For example, Personal Data Processors, business partners, external service providers, the Company’s agents, sub-contractors, financial institutions, auditors, external auditors, credit rating companies, asset management companies, the National Credit Bureau, competent authority, prospective assignees and/or assignees in any transaction or business merger of the Company, any corporations or individuals under relationship or contract with the Company; including executives, staffs, employees, contractors, agents, the Company’s advisor and of those person or entity who receive the data, etc.

Personal data processors are obliged to process the personal data only to the extent required for the specific in the agreement and under the Company's instructions, and unable to use the personal data for any purposes other than specified in the scope of engagement or for any unlawful purposes.

When it is necessary, the Company may send or transfer your Personal Data to affiliated companies/companies in the same business located in other countries or to other receivers in ordinary course of the Company’s business, e.g. sending or transferring the Personal Data to be stored on server/cloud in other countries.

If the receiving countries do not maintain adequate standard levels, the Company will ensure that the sending and the transferring are in compliance with legal requirements and will put in place the Personal Data protection measures as necessary, appropriate and in consistent with confidentiality measures. For example, entering into confidentiality agreement with receivers in such country; or in case of affiliated companies/companies in the same business being the receivers, setting out the Personal Data policy that is audited and certified by competent authorities under relevant law and controlling the sending and transferring to comply with such policy instead of legal requirements.

The Company provides appropriate security measures for preventing the unauthorized or unlawful loss, access to, use, alteration, correction, or disclosure of Personal Data, and such measures will be reviewed by the Company when it is necessary, or when the technology has changed in order to efficiently maintain the appropriate security and safety.

For retention of your Personal Data, the Company implements technical measures and organizational measures to ensure appropriate security in the Personal Data processing and preventing Personal Data breach. The Company has set out policies, rules and regulations on Personal Data protection, e.g. security standards of information technology and measures to prevent data receivers from using or disclosing the data outside the purposes or without authorization or unlawfully. The Company has amended the policy, rule and regulation as frequently as necessary and appropriate.

Moreover, the Company’s executives, staffs, employees, contractors, agents, advisers and data receivers are obligated to keep the Personal Data in confidence pursuant to confidentiality measure provided by the Company.

The Company will retain your Personal Data within the period necessary for the purposes specified in this Policy in order to comply with legal requirements, accounting requirements and/or protect interests of the company except for the case that the longer period of retention is required by laws. After the expiration of the retention period, or if your Personal Data is no longer required, the Company will erase, destroy, or anonymize such Personal Data.

For Personal Data retention, your Personal Data will be retained in the form of documents within office of the Company or upon server accessed and operated by the Company or authorized service providers only.

If the Company collects, uses, or discloses your Personal Data subject to the purposes specified in this Policy, you have the following rights pursuant to the Personal Data Protection Act B.E. 2562 (2019):

If you wish to exercise the foregoing rights, you are required to make a written statement. The Company will use its best efforts to perform actions in due course and no later than the period prescribed by law. The Company will strictly comply with the laws concerning your rights as the Data Subject.

The exercising of rights to request the erasure, destruction, or anonymization of your Personal Data, temporary restriction of use, or withdrawal of consent may result in the Company being unable to render services to you.

The Company reserves the rights to revise and amend this Personal Data Protection Policy as deemed necessary and appropriate without prior notice. Any revision or amendment will be announced and published on the Company’s Website or by any other appropriate method. The Company encourage you to check the Personal Data Protection Policy on this page regularly for updates.

The Company’s Website uses cookies and other tools to help distinguish you from other users of the website. This allows the Company to improve the website and to provide you with a quality experience when using the website, gather overall statistics without revealing the identity of owner of the personal data in order to help the Company reaches users’ needs and objectives of accessibility. By continuing to use this website, you are agreeing to cookies being placed on your computer.