Privacy Policy
1. Our Privacy Statement
Taikisha (Thailand) Co., Ltd. (the “Company” or “we”) has established and disclose this Privacy approach to explain how we process personal data of our customers, vendors, and other business partners including its corporate entity’s individuals such as its employees, contact persons, and directors since the protection of your personal data is of great importance to us.
We process your personal data in accordance with the applicable regulation relating to personal data protection, in particular the Personal Data Protection Act B.E. 2562 (“PDPA”). This Privacy Policy explains how we, as the data controller, collect, use and disclose your personal data. In addition, we regularly review and update this Privacy Policy and in case of any significant update to this Privacy Policy, we will inform you as appropriate.
2. Personal Data to be Collected
Regarding the PDPA, personal data means any information relating to an individual, which enables the identification of such individual, whether directly or indirectly, but not including the information of the deceased persons in particular.
We collect the following personal data for processing to achieve the purposes as herein with the legal basis provided for in the PDPA. In addition, we may process your personal data of a sensitive nature in accordance with special criteria provided for in the PDPA.
We collect your personal data directly from you or your personal data may be collected from other sources, such as the company which you are a director, a representative, an assignee, an employee, and government organizations.
General Personal Data
Name, Surname, Signature, Address, Phone number, Fax number, Email, ID card number, Passport number, Copy of your ID card, Copy of your Passport, Visa information, Date of birth, Gender, Age, Nationality, Photo, Bank account information, Your position, Videos and Images caught on CCTV cameras at our premises, and Your company information, such as Financial report, and Tax ID number
Sensitive Personal Data
Religious belief shown in a copy of your ID card
3. Purpose of Processing of Personal Data
The Company collects, uses, or discloses your Personal Data for various purposes depending on relationship between you and the Company as follows.
3.1 Customers, including its corporate entity’s individuals such as its employees, contact persons, and directors
To consider entering into an agreement or to take steps as per an application in relation to our products or services or to enter into an agreement with you or your company
To provide products, benefits, or services of the Company, to perform contractual obligations including but not limited to proceeding with purchase orders, delivering products or services, making payments, and issuing tax invoices, to provide after sale services, to register for providing services in relation to products and services, and to receive or deliver the information or documents between you and the Company including to comply with our internal procedures
To manage our relationship with customers, for example to communicate with you on any information about our products and services, to manage your complaint, etc.
To conduct business planning, reporting and forecasting
To inform any information or notifications to you about products or services that you have with us including other products or services of the Company, to inform benefits, sales promotion, marketing activities, any activity and project invitations of the Company and to communicate about such activity and project including to offer our products or services
To comply with relevant regulations, such as tax laws, to exercise the rights to legal claims or defend against the rights to legal claims, and to report information to government authorities as required by laws or upon receiving an order or a writ of attachment from the authority for the purpose of investigation or examination under the laws
To control access to the buildings and premises for security reason, and to observe, prevent, deter, and (if necessary) investigate unauthorized access to buildings and premises for the purpose of monitoring security of the buildings and premises of the Company, including the recording of the person contacting the Company through the CCTV camera
To record your information in the Company’s database
3.2 Vendors, and other business partners including its corporate entity’s individuals such as its employees, contact persons, and directors
To consider entering into an agreement with you or your company or to take steps to enter into an agreement with you or your company
To perform contractual obligations, to monitor your services in accordance with the agreement between you or your company and the Company, and to comply with our internal procedures, including but not limited to proceeding with purchase orders, making payments, and issuing tax invoices, to register new vendors, to monitor and evaluate your service, and to receive or deliver the information or documents between you and the Company
To manage our relationship with our business partners, for example to communicate with you on any information about services, etc.
To verify your identity during performing services in accordance with the agreement between you or your company and the Company
To comply with relevant regulations, such as tax laws, to exercise the rights to legal claims or defend against the rights to legal claims, and to report information to government authorities as required by laws or upon receiving an order or a writ of attachment from the authority for the purpose of investigation or examination under the laws
To control access to the buildings and premises for security reason, and to observe, prevent, deter, and (if necessary) investigate unauthorized access to buildings and premises for the purpose of monitoring security of the buildings and premises of the Company, including the recording of the person contacting the Company through the CCTV camera
To record your information in the Company’s database
4. Legal Basis for Processing of Personal Data
The legal basis for the processing of your personal data is as follows:
A consent basis, when it is required by law to obtain a consent for processing;
When the processing activity is necessary for the performance of contractual obligations to perform contractual obligations between you and the Company;
When the processing activity is required for the pursuit of legitimate interests of the Company, except the case where your primary right should be greater than such benefit; and
When the processing activity is required for the compliance with our legal obligations.
In the event that the Company processes your personal data relying on a consent, you have the right to withdraw your consent at any time by the method separately designated by us at the timing of obtaining your consent. However, your withdrawal of consent will not affect the legality of processing conducted based on your consent before its withdrawal.
We will notify you separately, if the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as the possible consequences of failure to provide such data.
5. Retention Period for Personal Data
We will retain your personal data for as long as necessary to fulfill the aforementioned purposes for obtaining and processing your personal data. Specific criteria used to determine our retention periods are the duration we have an ongoing relationship with you, the compliance with applicable laws, the compliance with legal prescription to exercise the rights to legal claims or defend against the rights to legal claims and the necessity of retaining the personal data for other legal or business reasons.
Please kindly be ensured that the retention of personal data after the expiry date of retention period will only occur only in the necessary circumstance. When the retention period has ended or the retention of such data is no longer necessary (whichever is applicable), we will destroy or erase such data from our system.
6. Disclosure of Personal Data
We may share and disclose your personal data to the following third parties in accordance with the PDPA for the purposes stated in this privacy policy. The Company will inform you to acknowledge and request for consent as necessary to comply with the PDPA.
Subsidiaries, affiliates, and any related companies for business purposes
Government authorities, or other authorities as stipulated by laws, including competent officials, e.g., courts, police officers, the Revenue Department, the Skill Development department, and the Board of Investment department
Agencies, service providers and/or sub-contractors for their implementation and procedures, for example, document storing company, delivery company, Audit company, IT company, payment gateway service provider, bank, accounting company, tax consultants, and legal consultants
As a result of the aforementioned sharing and disclosure, in some cases your personal data will be transferred to the recipient company in other countries with an appropriate safeguards by executing with the transferee the standard data protection causes including Binding Corporate Rules or Data Processing Agreement (if any or whichever is appropriate) pursuant to the PDPA, unless the data transferred country has appropriate data protection standard as prescribed by the Personal Data Protection Committee or we obtain your consent pursuant to the PDPA. If you wish to receive a copy of documentation related to these safeguards, please inquire using the contact details at the end of this privacy policy.
7. Your Rights as a Data Subject
You have the following rights regarding personal data obtained and processed by us.
Right to withdraw a consent: You have the right to withdraw your consent at any time by the method separately designated by us at the timing of obtaining your consent, except the consent provided is necessary to perform legal obligations or contractual obligations. However, your withdrawal of consent will not affect the legality of processing conducted based on your consent before its withdrawal.
Access to personal data: You have the right to access and obtain a copy of the processed personal data concerning you and to ask the Company to disclose where the Company obtained such personal data from.
Obtaining information or transferring regarding processing of data: You have the right to receive personal data concerning you in a structured, commonly used, and machine-readable format that can be automatically accessed or disclosed, and the right to transfer those data to another controller.
Right to object the collection, the use, or the disclosure of personal data: You have the right to object to the processing of the personal data concerning you.
Erasure of personal data: You have the right to have us delete or destroy personal data concerning you, or to make such personal data to become the information that cannot identify your identity.
Restriction on processing of personal data: You have the right to have us stop the processing of personal data concerning you.
Rectification of personal data: You have the right to have us rectify inaccurate personal data concerning you to be a completed and updated data that will not cause any misunderstanding.
Right to lodge complaints: You have the right to lodge a complaint with a competent data protection supervisory authority when the Company violates or not complies with the laws concerning of personal data protection.
If you intend to exercise any of the aforementioned rights, please inquire using the contact details at the end of this privacy policy.
8. Data Protection Security Measures
The Company implements appropriate and strict security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of personal information.
In case where the Company assigns any third party to process your personal information pursuant to the instructions given by or on behalf of the Company, the Company shall appropriately supervise such third party to ensure your personal information protection in accordance with the PDPA.
9. Contact details
For questions or inquiries regarding this privacy policy, please contact us at:
Taikisha (Thailand) Co., Ltd.
Address: 6th Floor, Thaniya Building, 62 Silom Road Suriyawong, Bangrak, Bangkok, Thailand 10500
This Policy applies to the use of our website only. When you link to third party websites via our Website, the personal information protection shall be in accordance with the Privacy Policy of such websites which are not related to the Company.