To ensure that the Company’s operations have legal and international standards for personal data protection including prescribing rules for the protection of personal data of the data subject, management measures which affective and appropriate violations of the rights of personal data subjects
Scope of application
Personal data processed by the company shall include the personal information of the following persons
1) Individual customers
2) Officers or operators or employees of the Company
3) Business partners and service providers who are natural persons
4) Directors, attorneys, representatives, representatives, shareholders, employees or other persons having the same type of relationship with the juristic person having a relationship with the Company.
5) Users of the Company’s products or services
6) Visitors or use of websites, systems, applications, devices or other communication channels controlled by the Company.
7) Other persons at the Company Collect personal information such as job applicants, family members, guarantors, insurance policy beneficiaries, etc.
Items 1) to 7) collectively referred to as “you”.
In addition to this Policy, the Company may provide a Privacy Notice (“Notice”) for specific products, services or processing of Personal Data under any contract or provision of the Company. to notify the data subject of the personal data being processed Purpose of processing Period of retention of personal data Including the rights of the subject of personal data according to the law. The provisions of the privacy notice of the service or the processing of personal data shall be governed.
For personal data collected before the Personal Data Protection Act B.E. 2562 came into force, the Company can continue to collect and use that personal data according to the original purpose. By disclosing and taking actions other than the collection and use of the above personal information, we must comply with the Personal Data Protection Act B.E. 2562 and related laws.
Purpose of collecting personal information
We will collect, use, or disclose your personal data in accordance with your requests and/or agreements made with us for the following purposes:
1. To verify or identify your identity when you access our platform
2. For internal management and organization
3. To process your requests and consider approval for the services we provide, including delivering our products and/or services to you
4. To prevent and detect fraud and security violations in various activities that may be illegal and in violation of our terms and conditions of use
5. To manage, develop, customize, evaluate, and improve the content of our services and advertising.
6. To provide content procurement services, products, and other related services, including providing assistance and advice to you in case of platform use issues.
7. To track or record your platform usage.
8. For marketing and sales promotion, after-sales service notification, updates on teaching media, activities, new features on the platform, and news for your benefit.
9. To collect feedback for research, evaluation, development, and improvement of services, features, and platform technologies to be more effective and responsive to user needs, such as testing, research, and statistics.
10. To allow the service provider to contact you by email or phone to resolve issues and collect fees.
11. To post or publicize your satisfaction with our products and services.
12. To comply with our policy, terms, and conditions.
13. To comply with the laws and regulations of various government agencies, such as the Thai Royal Decree.
In addition, please note that we still have the right to use your personal data that we collected before the effective date of the data protection law without requiring your consent for the same purposes as originally intended. However, if you do not wish for us to continue processing such personal data, you may notify us to withdraw your consent at any time.
“Personal Data Protection Policy” (Personal Data Protection Policy) means the policy that the company has established to inform the owner of personal data about the data processing of the company. and details as defined by the Personal Data Protection Act B.E. 2562 and related laws
“Personal Data” means information about an individual that enables an individual to be identified. either directly or indirectly but does not include the information of the deceased in particular.
“Sensitive data” means personal data relating to race, ethnicity, political opinions. doctrine religion or philosophy sexual behavior Criminal record Health information Disability union information Genetic information, biological information or any other information that affects the owner of personal information in the same manner as prescribed by the Personal Data Protection Committee.
“Processing” means the collection, use, and disclosure of personal data.
“Owner of personal data” (Data Subject) means the natural person who is the owner of personal data.
“Data Controller” means a person or other juristic person who has the authority to make decisions regarding the collection, use or disclosure of personal data, including any references. According to the laws relating to the protection of personal data, meaning or expressing the same or similar to the data controller.
“Personal Data Processor” (Data Processor) means a person or a juristic person who works in relation to the collection, use or disclosure of personal data in accordance with the instructions or on behalf of the data controller. This includes any references. According to the laws relating to the protection of personal data, meaning or expressing the same or similar to the personal data processor, the person or legal entity that performs such processing is not the data controller.
“Cookies” (Cookies) means small computer files. to temporarily store necessary personal data on the personal data subject’s computer; For convenience and speed of communication, which will be effective while accessing the website system only.
Collection of Personal Data and The Source of Personal Information
All visitors can access the content published on our website. However, certain features and services may require registration. Users can register (“sign up”) on the website and may gain access to additional services by following the appropriate process, such as paying to access content and services under our terms and conditions. The personal data that we collect from you may include any information that can directly or indirectly identify you, including but not limited to the following:
Contact information, such as your address, telephone number, and email address
Account information, such as your username, password, and usage history
Device location information, such as mobile phone information
Other information, such as images, animations, data that appears in the documents submitted to the company, and any other personal data under the definition of personal data protection laws
The information that we automatically collect includes technical data such as IP address, cookie ID, activity log, and information about your visits, as well as a list of global resource identifiers that are linked to our platform, accessed through our platform, and from our platform (including dates and times). We also collect information about the products you are viewing or searching for, page response times, download problems, the length of time you visit each page, and information about your use of our platform. We receive this information when you visit our website, and our servers automatically record the data sent by your browser.
This automatically collected information is used to identify potential violations and to generate statistical data about the use of our website. However, this statistical data will not be collected in a way that could identify any individual user of the system.
We may collect, use, or disclose sensitive personal data when we have explicit consent from you, unless otherwise required by law, including health information, religious information, biometric data such as facial recognition data, iris scans, fingerprints, as well as any other personal data that may affect your personal data protection rights as defined by the Personal Data Protection Committee. Our data collection will only be collected by the source. and principles for collecting personal data as follows:
Collect directly from the subject of personal information, such as collecting personal information by filling in personal information through subscription forms both in paper and online forms. answering questionnaires (Survey), applying for jobs, signing contracts or documents or when the data subject communicates with the Company through the specified channels
Collect from the owner of personal information accessing the website, software or application according to the service contract, such as tracking the behavior of using the website, products or services of the company. By using cookies (Cookies) or from software on the device of the owner of personal information, etc.
Collect from sources other than directly from the owner of personal information, which the company can legally collect from such sources. or obtain consent from the owner of the personal data in disclosing the data to the Company, such as searching for personal data through the website system third party inquiries or disclosure by affiliates or group companies. business partner Or a third party for the purposes specified in this policy, the company will notify the owner of the personal data without delay. But not more than 30 (thirty) days from the date the company collect personal information from such sources Including going to request consent for the collection of such personal information from the owner of the personal information Unless the data subject is exempt from the need to obtain consent or notify the data subject as required by law.
If you are under 20 years of age or have legal limitations on the collection, use, or disclosure of your personal information, we may need to obtain consent from your parent or legal guardian before collecting, using, or disclosing your personal information. If we become aware that personal information has been collected from individuals under 20 years of age without consent from their parent or legal guardian, we will take steps to promptly delete such information from our servers.
Disclosure of Personal Information
To protect your personal information from fraud and unauthorized transactions (such as money laundering), legal action, and other liabilities, we may disclose your personal information to others with your consent or as permitted by law. This includes, but is not limited to, individuals/organizations such as:
1. Internal organizational management
2. Service Provider
3. Business Partnership
We may disclose certain information to our business partners in order to communicate and coordinate the provision of our products or services, and to provide information as necessary about the readiness of our products or services.
4. Business Transfer
Method of Personal Data Storage
We will store your personal data in document and electronic form. We store your personal data on our servers located in Thailand.
Data Retention Period
Rights related to personal data
Your rights under data protection laws include:
1. The right to withdraw consent means that if you have given consent, we will collect, use, or disclose your personal information in accordance with the consent you provided, whether before or after the data protection laws are enforced. You have the right to withdraw your consent at any time. However, withdrawing your consent does not affect the collection, use, or disclosure of your personal information that was previously authorized by your consent.
2. Right to access You have the right to request access to your personal data that is under our responsibility, and to request a copy of that data. You may also request that we disclose how we obtained your personal data.
3. Right to data portability You have the right to receive your personal data in a format that can be read or processed automatically, and to request that we send or transfer this data in such a format to another data controller where technically feasible. You also have the right to receive the personal data that we have sent or transferred in such a format directly to another data controller, unless it is technically impossible to do so.
4. Right to object You have the right to object to the collection, use, or disclosure of your personal information at any time, unless such collection, use, or disclosure of your personal information is necessary for our or another person’s or entity’s legal obligations, or for carrying out tasks in the public interest. The collection, use, or disclosure of your personal information must not exceed the scope that you could reasonably expect.
5. Right to erasure/destruction You have the right to request the deletion or destruction of your personal data or to make the personal data non-identifiable if you believe that your personal data has been collected, used, or disclosed unlawfully or if we no longer have a legitimate reason to retain your personal data for the purposes set out in this policy, or if you have exercised your right to withdraw consent or to object as described above.
6. Right to restriction of processing You have the right to request a temporary suspension of the use of your personal data in cases where we are reviewing a request to exercise your right to correct or object to your personal data, or in any other case where we no longer need to retain your personal data under applicable law and you request that we suspend its use instead of deleting it.
7. Right to rectification You have the right to request correction of your personal information to be accurate, up-to-date, complete, and not misleading.
Advertising and Marketing
For the benefit of receiving our products or services, we use your personal information to analyze and improve our products or services and to market through Google, Facebook, and others. We use this information to make our products or services suitable for you.
Our website may display advertisements from third parties to facilitate our service. These third parties may access your personal information only for these purposes and are responsible for not disclosing or using it for any other purpose.
We will not use automated decision-making systems without human oversight, including profiling that significantly impacts you.
We and our business partners may send marketing communications, advertisements, and sales promotion information or newsletters to your email for the purpose of offering interesting things to you. If you do not wish to receive communication from us via email, you can click “unsubscribe” in the email link or contact us via email.
Personal Tracking Technology (Cookies)
1. Strictly Necessary Cookies: These cookies are necessary to enable the website to function and are essential in helping us identify and authenticate users, as well as control access to specific content and ensure that personal data is processed correctly and securely. Additionally, they assist in managing content based on the correct permissions received.
2. Analytical Cookies: These cookies are essential for the website to function and are necessary to help us identify user identity and access to prevent personal data from being mishandled or compromised. Additionally, they assist in managing content in accordance with appropriate permissions.
3. Functionality Cookies: These cookies are used to store cookies for customizing the language of the system to match the user, to support reconnection in the event of interruptions or problems during use, and to store cookies for remembering the number of interactive functions that have occurred in the system.
Maintaining the security of personal data.
We will maintain the confidentiality, integrity, and availability of your personal data in accordance with the principles of data protection to prevent loss, unauthorized access, use, alteration, modification, or disclosure. In addition, we will implement measures to ensure the security of personal data, which includes administrative, technical, and physical safeguards, in terms of access control. Our employees, contractors, and external service providers have a duty to maintain the confidentiality of personal data and comply with strict standards and policies for data security when using, transmitting, transferring, or processing your personal data.
Reporting Personal Data Breaches
In the event of a breach of your personal data, we will notify the Office of the Personal Data Protection Commission within 72 hours of becoming aware of the breach without undue delay. If the breach poses a high risk to your rights and freedoms, we will inform you of the breach and provide guidance on mitigating its possible adverse effects through various channels such as our website, SMS, email, phone, or mail without undue delay.
Connecting to other websites
We will post any changes to this page, so please revisit this page from time to time to stay informed about updates or modifications. In the event of any material changes that may impact your rights or the way we handle your personal information, we will notify you of such changes in advance and seek your consent if required by applicable laws.
PANUS ASSEMBLY CO., LTD.
27/1 Moo.3 Tambol. Kudnong Panusnikhom, Chonburi 20140 Thailand.
Tel: 038-462-100-2 Fax : 038-462-103