นโยบายความเป็นส่วนตัว

Privacy Notice

 

We, UEL (Thailand) Co., Ltd. (“Company”, “we,” “our,” or “us”), having our registered address at 159/27 Serm-mit Tower, Unit 1701/1, 17th Floor, Sukumvit21 Road (Asoke), North Klongtoey, Wattana, Bangkok 10110, collect, obtain, handle, use, process, store, disclose, transfer and retain (“process” or “processing”) Personal Data of Data Subjects in accordance with this Privacy Notice and in compliance with the relevant data protection laws and regulations, including the Personal Data Protection Act BE 2562 (2019) (“PDPA”) and other relevant laws and regulations as applicable in Thailand. This Notice provides you with the necessary information regarding your rights and our obligations, and explains how, why and when we process your personal data.

 

From time to time, we may make changes to this Privacy Notice. These changes will take effect upon publication on our official website or once informed to you via other channel.

 

As used in this Privacy Notice, “Personal Data” means any information relating to a natural person (“Data Subject”) that enables the identification of such person, directly or indirectly. “Personal Data” does not include the information of deceased persons. Other specific term in the document of which the definition is not given herein should be interpreted in accordance with the Personal Data Protection Act of Thailand B.E. 2562 (2019) (“PDPA”).

 

1. Categories of Personal Data Collected and Processed

 

The Company collects and processes your Personal Data solely to conduct our business activities and only within the scope of the purposes stated herein.

 

Depending on how you interact with the Company (online, offline, over the phone, etc.) and relationship between you and the Company, the Company may collect various types of your Personal Data from you, as described below.

 

• Personal details, identification and contact details such as first name, last name, date of birth, age, postal address, e-mail address, telephone number, mobile phone number, photo, etc.
• Payment information such as bank account number, bank advices, debit card or credit card details, payment receipt, etc.
• Data for marketing and communications such as interests and preferences in products and services, websites/communication usage information, consumer feedback, etc.
• Data for business operation and audit such as communication history, purchase history, transaction history, etc.
• Information from computer/mobile device, any information about the computer system or other technological device that you use to access one of our websites, such as the Internet protocol (IP) address used to connect your computer or device to the Internet, operating system type, and web browser type and version, Cookies, etc.
• Further information processed in connection with the relationship between you and the Company or voluntarily provided to the Company by you.
• Sensitive Personal Data. (We do not seek to collect or otherwise process sensitive personal data in the ordinary course of our business. Where it becomes necessary to process your sensitive personal data for any reason, we rely on your prior explicite consent for any processing which is voluntary).

 

Your Personal Data may be converted into statistical or aggregated data in such a way that you, as a Data Subject, will not be identified or identifiable from it and may be used for analytical and research purposes. In such case, it will no longer be your Personal Data.

 

2. Sources of Personal Data Collected

 

The Company may obtain your Personal Data directly from you or from any other source, including, but not limited to, the following:

 

1. provided by you directly in the process of communicating and/or establishing a business relationship with you or your company including applying for onlice servces;
2. provided by you directly in the process prior to or for engagement of contract with the Company;
3. provided directly by you or indirectly via any agent during engagement of our services;
4. provided when you communicate with us through phone calls, emails, social media, and/or other correspondence.

 

We may also collect Personal Data about you from third parties such as the organization to which you belong and/or public sources to the extent that it is permitted under the PDPA and other applicable laws.

 

3. Purposes for Processing of Personal Data

 

The Company mainly processes your Personal Data indicated above in section A for the following purposes:

• • For customers services such as responding to your enquiries, communicating with you about products and services of the Company, etc.;
  • To engage in contracts with you, including service contracts, sales contracts, supplier contracts, outsourcing contracts, or hire of work contracts, etc.;
  • For general procedures related to business operation of the Company, such as in the procedures for hire, sales and purchases, business administration, customer management, resource management, personnel management, security management, etc.;
  • For marketing and business development of the Company (only where permitted) such as conducting internal or market research and measuring the effectiveness of advertising campaigns, etc.

 

We may process your Personal Data for other purposes as permitted by laws.

 

4. Legal Basis for Processing of Personal Data

 

Your Personal Data shall be processed for the aforementioned purposes in accordance with the PDPA. In principle, the Company shall process your Personal Data only when there is a legal basis as follows:-

 

1. processing based on the Data Subject’s consent;
2. for preventing or suppressing a danger to a person’s life, body, or health;
3. necessary for the performance of a contract to which the Data Subject is a party or to take steps at the request of the Data Subject prior to entering into a contract;
4. necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Company;
5. necessary for legitimate interests of the Company as a data controller or the interests of a third party, except where the fundamental rights and freedoms of the Data Subject in relation to the protection of his or her Personal Data override these interests;
6. for achievement of purposes relating to the preparation of historical documents or archives for the public interest or of purposes relating to research or statistics pursuant to which suitable measures to safeguard the Data Subject’s rights and freedoms have been taken; and/or
7. for compliance with a legal obligation imposed upon the Company;

 

Where we are a data processor, we will process Personal Data on behalf of the data controller only for and to the extent of the performance of contract that we have with the data controller and per instruction of the data controller.

 

Some categories of Personal Data are of a sensitive nature, and data protection legislation has a stricter regime for these special categories of Personal Data (“Sensitive Personal Data”). This data concerns race; ethnic origin; political opinions; cult, religious, or philosophical beliefs; sexual behavior; criminal records; health data; disability; trade union information; genetic data; biometric data; and any data that may affect the Data Subject in the same manner. In principle, the processing of this Sensitive Personal Data is forbidden unless the Company can refer to an exception. On the limited occasions in which the Company processes Sensitive Personal Data, the Data Subject will be informed in advance and explicit consent would be obtained, where required by laws.

 

5. Disclosure of Personal Data

 

• • The Company’s staff;
  • The companies within the same group of the Company and their staff;
  • Legal advisors, accounting advisors, tax advisors and other advisors of the Company;
  • Third-party service providers, suppliers, contractors, relevant software and/or system providers and data processors;
  • Potential buyers or sellers, where required for the preparation or implementation of any acquisition, merger, company split, transfer of business, reorganization, or any other M&A activity;
  • Governmental authorities agencies, boards, commissions, officers, officials or entities exercising legislative, judicial, regulatory or administrative functions where required by laws or orders.

 

Recipients of your Personal Data may be located in countries and areas outside of Thailand (“Third Countries”). The Company transfers your Personal Data to external recipients in Third Countries only in the case where: (i) the respective recipient is located in a country or area which has adequate data protection standard; (ii) your explicitly consents to the transfer of your Personal Data outside Thailand, or (iii) under other grounds and conditions as permitted under the PDPA, such as for compliance with a contract between the Company and other persons for the interests of the Data Subject or where there are suitable protection measures which enable the enforcement of the Data Subject’s rights according to the rules and methods as prescribed and announced by the Personal Data Protection Committee.

 

The Company will ensure that the transfer is carried out in accordance with the PDPA and other applicable laws and regulations.

 

6. Period for which Personal Data will be stored

 

Unless indicated otherwise, the Company will retain your Personal Data for no longer than the period that is necessary for the purpose for which it is collected or otherwise processed (including as required by applicable law or regulation or for the exercise or defense of legal claims).

 

We may also retain your Personal Data even after the purposes for its collection are fulfilled in case it is necessary as the Company has an ongoing legitimate interest to do so, or it is for compliance with the applicable law, including the Computer Crimes Act B.E. 2550 (2017).

 

7. Rights of the Data Subject

 

You as Data Subject shall be entitled to a number of rights in relation to your Personal Data, including:

• • The right to withdraw your consent where your Personal Data is processed on a consent basis. Please note that withdrawal of your consent shall not affect the lawfulness of processing based on consent before your withdrawal. Nonetheless, please note that there may be legal consequences which may arise from the withdrawal of your consent. We shall inform you of any such consequences depending on the nature of the withdrawal of consent you are requesting.;
  • The right to access to and obtain a copy of your Personal Data;
  • The right to data portability which allows you to receive information in relation to the Personal Data, measures to collect the Personal Data, information of the recipients or categories of recipients to which the Personal Data will be disclosed, including reasons and the period of retention of your Personal Data;
  • The right to object the processing of Personal Data;
  • The right to erase, destroy, and anonymize your Personal Data after the period of retention of the Personal Data;
  • The right to restrict the processing of your Personal Data;
  • The right to rectification so as to ensure correct, up-to-date, complete and not misleading Personal Data; and
  • The right to lodge a complaint to the relevant authority in the case where we violate the provisions of the PDPA.

 

If you wish to request for exercise of any rights above, please submit an application to us at the contact details provided herein below.

 

8. Personal Data Protection and Security

 

The Company have put in place appropriate security measures, including physical, technological and organizational measures, to prevent the unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of your Personal Data and shall ensure that the security measures are in accordance with the minimum standard specified and announced by the Personal Data Protection Committee under the PDPA.

 

The Company limit access to your Personal Data only to employees, agents, contractors and other persons and third parties mentioned only as necessary. They will be allowed to Process Personal Data only within the scope of our instructions and be subject to a duty of confidentiality. The Company also implements access control, requirements on identifying and authenticating accessing parties, prevention of unauthorized external access and prevention of leaks accompanying use of information system.

 

If discover that there is a breach of your Personal Data that poses a risk to the rights and freedom of a Data Subject, the Company will report it to the Office of Personal Data Protection Commission without undue delay, and where feasible no later than 72 hours of discovery. If the breach is likely to result in a high risk to the rights and freedom of a person, we will notify relevant Data Subjects that there has been a breach and provide information about the breach and the guideline of remedy without undue delay.

 

1. Data Privacy Contact

 

If you have questions with regard to processing of your Personal Data or wants to exercise any of the above rights in section G above, you may contact the Company at:

 

UEL (Thailand) Co., Ltd.

Address: 159/27 Serm-mit Tower, Unit 1701/1, 17th Floor, Sukumvit21 Road (Asoke), North Klongtoey, Wattana, Bangkok 10110

Tel : +66(0)2-661-7731-2

Email : cadmeister-thai@uelthai.co.th

 

You may also contact the Company’s Data Protection Officer below:

 

Name : TOMOHIKO NAKAMURA

Address: 159/27 Serm-mit Tower, Unit 1701/1, 17th Floor, Sukumvit21 Road (Asoke), North Klongtoey, Wattana, Bangkok 10110

Tel : +66(0)2-661-7731-2

Email : cadmeister-thai@uelthai.co.th

 

As of: 1st July 2022