Patum Design Develop Company Limited (“company”) realizes that personal data protection is crucial because it is a part of the social responsibility and reliable social relation with business partners and customers. The company, therefore, has complied with The Personal Data Protection Act and other required regulations. The company will strictly apply the measures to secure and protect personal data so it cannot be accessed without the consent of the subject. The company will follow the intentions and consent of the data owner to collect or disclose the data as specified by law and comply with international standards.
This policy is set up to manage and secure personal data properly in order to protect the customer’s personal data which has been given to the company. The collection and disclosure of the data will comply with The Personal Data Protection Act and other required regulations.
Other services not included in our website such as goods or services provided by the company and affiliate companies which are not clearly stated in this policy;
2.2 Data received from affiliate companies;
2.3 Personal data from third parties such as stores or companies providing services on data collecting, business partners and business alliances;
2.4 Personal data received from those who visited other websites connected or related to the website of the company;
2.5 Visiting behavior collecting from the log on the website of the company;
2.6 Personal data received from public records and non-public records which the company has a right to collect according to the law;
2.7 Personal data received from government offices which regulate or enforce the law.
The company intends to collect, use and disclose personal data as follows:
3.1 To serve and improve the services and products of the company including other services and products which will arise in the future;
3.2 To make any transactions concerning services or products of the company such as post-sales service;
3.3 To manage the relationship between the company and personal data owners;
3.4 To verify and/or identify the identity of a person accessing any channels of communication with the company;
3.5 To communicate, inform or receive the information from the company or any changes occurred in the company;
3.6 To carry out the intention informed to the company of personal data owners;
3.7 To offer benefits and/or other services of the company such as product offerings, service offerings, promotions in sales promoting activities and any transactions involved in accessing the services of the company;
3.8 To run the business of the company such as checking and developing new products, adjusting or changing services, analyzing services, sales promotion activities and business expansion of the company;
3.9 To do any proper and necessary activities in:
3.9.1 Checking and protecting any actions which may violate the law;
3.9.2 Enforcing regulations of services and policies concerned with personal data of the company;
3.9.3 Healing, protecting or limiting any damages that will occur.
3.10 To comply with the law, the investigations of the officers or regulators or terms and conditions imposed by the government.
For any objectives which haven’t been stated above, personal data owners will be informed when the company needs to collect the data. However, the company will collect, use or disclose personal data under terms and conditions stated in section 3 only on the following conditions:
1. The owners have given the consent to the company as stated in the law;
2. It is needed as a counterparty or is required before signing the contract;
3. To protect or stop any harm to life, body or personal health;
4. It is necessary for the company to carry on the mission for the public benefit of the company or doing the duty assigned to the company by the government;
5. It is necessary for the legal benefit of the company or person or juristic person except if the benefit is less significant than the fundamental right of the personal data owners;
6. It is necessary to comply with the law.
Types of data |
Objectives of Processing |
Personal data
|
When you visit the website of the company you are required to register with the company and/or
|
Data
|
|
Systematic data |
To provide information on visiting and using the Company’s website in order to manage and solve the internal problems of the website To analyze, test and research for security To check the distortion and user accounts management to develop using the experiences of the users |
Location data |
The website will use the data stored by cookies to analyze by statistical method or other means of PD House to develop products and services |
Cookies |
|
Personal data
When you visit the website of the company you are required to register with the company and/or
Data
information on
Systematic data
To provide information on visiting and using the Company’s website in order to manage and solve the internal problems of the website To analyze, test and research for security To check the distortion and user accounts management to develop using the experiences of the users
Location data
The website will use the data stored by cookies to analyze by statistical method or other means of PD House to develop products and services
Cookies
The company will collect the data which the data owner provides to the company directly or the data the company receives from providing services or other channels of operation
The company will collect only necessary personal information by considering the objective and necessity which the company has to operate and comply with the required laws. The company will keep the data for a period of time provided you have given consent to the company. This will comply with the prescription specified in the required laws. The data will be kept securely for each type of personal data. In some cases, during the execution (or completion), the company will keep the personal data even though the prescription is ended.
ทThe company will keep your personal information with appropriate protection measures. This means the data is kept confidentially, securely and ready to be used. To prevent any violation of personal data, the company will impose regulations and measures to protect personal information such as the security standard of information technology and measures to prevent those who receive the data from the company from using or disclosing the data deviate from the objective of collection or unauthorized or unlawful use.
Furthermore, the company has informed the personnel, representatives and those who receive the data from the company to keep all personal data confidential and secure as the measure imposed by the company, if any personal data is reviewed.
Disclosure of personal data
The company will disclose the personal data to a third party and/or outside organizations or offices only in the following situations
Transferring and/or sending personal data to other countries
In case the company has to transfer and/or send personal data to other countries, the company will set a standard in the agreement and/or joint venture business with the organization that will receive the data to protect the personal data at the acceptable level and comply with the required law in order to be confident that the personal data is secured such as:
In some cases when the company presents the products or services or to carry out any activities, it is necessary for the company to collect defined, sensitive personal data such as race, religion or beliefs, sexual behaviour, disability, labour unions, genetics, biological and health data. The company will ask for consent from the subject to use aforesaid data for the purpose of the company.
Other than the purposes stated above and under the restriction of the law, the company will use the personal data for marketing purposes such as sending promotional documents by post or email or other means of communication including direct marketing for the benefit of the data owner as a customer of the company.
For the confidence of the subject in the management of the company in securing the personal data from unlawful access, data leakage, data editing or loss, the company is cognizant of data security and will operate according to international standards of personal data security and as imposed by the law.
The company limits the right to access personal data only for the persons who need the data for presenting products and services of the company such as sales persons, representatives and advertising agencies. These persons have to strictly follow the data protection measures of the company both physically and electronically.
The company has measures to protect personal data of a person by limiting the right to access the data for those who use the data, such as sales persons or advertising agencies, to present the products and the services of the company. These persons will strictly follow the data protection measures imposed by the company. They must keep the data confidential. The measures to protect personal data, physically and electronically, of the company are in accordance with the standard imposed and enforced by the law.
The rights of personal data are a legal right. In which the subject should know. The subject can use the rights as it is currently imposed by the law or will be imposed in the future or as specified by the company.
The right to withdraw the consent.
The subject has the right to withdraw the consent given to the company at any time throughout the period the personal data is available to the company, unless it is restricted by laws or the subject is still under beneficial contract.
The right to transfer the data.
The subject has the right to obtain the data if the company organizes the data via automation; readable or usable formats and can be processed or disclosed by automated means; to request the company to send or transfer the personal data in such formats directly to other data controllers if doable by automated means; to obtain the personal data in such format sent or transferred by the company directly to other data controllers unless not technically feasible.
The right to object.
The subject has the right to object the collection, use or disclosure of the personal data at any time if such matters are conducted for legitimate interests of the company or other individual or for carrying out public tasks. If there are objections, the company can collect, use and disclose the personal data only in the cases which the company can explain legally that the operation is more crucial than the legal basic right of the subject or to confirm the operation stated by law or as evidence used in court respectively.
The right to erase or destroy the data.
The subject has the right to request the company to erase, destroy or anonymize the personal data if the subject believes that the personal data collected, used and disclosed is against relevant laws, or the data is no longer necessary in connection with related purposes under this policy; or when the subject requests to withdraw the consent or to object to the processing as described earlier.
The right to suspend the use of personal data.
The subject has the right to request the company to suspend the processing of personal data during the period the company examines the rectification or objection request.
The right to rectify the data.
The subject has the right to request the company to rectify the data to be updated, completed and not misleading.
The right to complain.
The subject has the right to complain to competent authorities if the subject believes that the collection, use and disclosure of the data is not pursuant or violates the relevant laws. Please see item 15 for more information to contact the office of The Board of Personal Data Protection. Please see item 15 for more information to contact the office of The Board of Personal Data Protection.
The subject can exercise the rights stated above by filling out the form and submitting to the responsible authority. However, the exercise of the right may be limited by the relevant laws. In case the company cannot do as requested due to the order of the court, the public benefit or the request violates the rights and liberties of another individual, the company will notify the subject the reason for not being able to follow the request for each type of right in a period of time as detailed below:
The website of the company will connect with other third-party websites which have a contrasting policy on personal data protection. The subject has to consider the personal data protection of those websites in order to disclose the personal data. The company will not take any responsibility on content or damages created by third party websites.
Should the subject have any questions about this policy or wishes to exercise their rights, please contact a data protection officer by using the following details:
Patum Design Develop Company Limited
473 Rungsit-Nakhon Nayok Road, Prachathipat sub-district, Thanyaburi district, Pathumthanu 12130
https://www.pd.co.th
Telephone 02-006-0940
The Subject’s Inquiries on personal data protection policy Should the subject have any questions about this policy or wishes to exercise their rights, please contact a data protection officer by using the following details:
Patum Design Develop Company Limited
473 Rungsit-Nakhon Nayok Road, Prachathipat sub-district, Thanyaburi district, Pathumthanu 12130
https://www.pd.co.th
Telephone 02-006-0940
Should the subject have any complaints or feels unsatisfactory with the explanation from the company, the subject can contact the office of The Personal Data Protection Committee as detailed below.
Telephone 02-141-1033
Email [email protected]
Or send a letter to:
120 Moo 3, Ratthaprasartsanapjukdi Building (Building B), Government Center, Chaengwattana, Office of Personal Data Protection Committee Office of the Permanent Secretary, Ministry of Digital for Economy and Society, Chaengwattana Road, Thungsinghong sub-district, Laksi district, Bangkok 10210.
The company reserves the right to change or edit the personal data protection policy in the future under the compulsory laws. The company will notify the changes via our website: https://www.pd.co.th