PRIVACY POLICY

This privacy policy shall become effective from September 22, 2020 onwards.

 

Sertis Company Limited (hereinafter referred to as “Sertis”) recognizes the importance of personal data protection. Therefore, we have adopted this privacy policy (“Policy”) in order to enable us as a data controller to monitor and supervise the processing of personal data in accordance with the Personal Data Protection Laws.

 

1. Definition

“Personal Data Protection Laws” 

means the Personal Data Protection Act, B.E. 2562 (2019) and its amendments in the future including all related regulations.

“Personal Data Processing”

means collection, use or disclosure of the Personal Data under the Personal Data Protection Laws.

“Personal Data”

means any information relating to an individual which enables the identification of such individual, directly or indirectly, excluding the information of a deceased individual. The Personal Data includes Sensitive Personal Data.

“Sensitive Personal Data”

means any Personal Data pertaining to race, ethnic, origin, political opinion, cult, religious or philosophical belief, sexual behavior, criminal record, health data, disability, genetic data, biometric data and any Personal Data which may lead to discrimination and disgracefulness.

“Data Subject”

means an individual who is the owner of the Personal Data.

“Data Protection Officer”

means a personal data protection officer of Sertis.

2. Scope of Enforcement

This Policy shall apply to all business operations of Sertis which relate to the Personal Data.

3. Personal Data Processing

Prior to or at the time of the Personal Data Processing, Sertis shall seek consent from the Data Subject. In the event of the Sensitive Personal Data, an explicit consent shall be required.

Sertis shall inform purposes of the Personal Data Processing to the Data Subject and conduct the Personal Data Processing in accordance with the informed purposes. In the event that there are changes to the purposes, Sertis shall promptly seek consent from the Data Subject for such changed purposes.

4. Retention Period

Sertis shall inform the retention period of the Personal Data to the Data Subject. In case the retention period is not expressly specified, Sertis shall keep the Personal Data for a maximum period of 10 years or otherwise longer if required by applicable laws.

5. Personal Data Security Measures

Sertis has restricted access to the Personal Data and implement appropriate internal security measures to prevent any infringement and leakage of the Personal Data.

6. Rights of Data Subject

In accordance with the Personal Data Protection Laws, the Data Subject has the following rights:

  • the right to access to his/her Personal Data;

  • the right to rectify his/her Personal Data;

  • the right to port his/her Personal Data;

  • the right to erase his/her Personal Data;

  • the right to restrict the use of his/her Personal Data;

  • the right to object the collection, use and disclosure of his/her Personal Data; and

  • the right to withdraw his/her consent.

7. Review of Privacy Policy

This Policy shall be reviewed to ensure that it remains up-to-date at least once a year, or whenever there is any significant change to the Personal Data Protection Laws.

8. Contact Information

Sertis designates the Data Protection Officer to be responsible for handling the exercise of the Data Subject’s rights and receiving complaints of the Personal Data infringement.

 

If you have any queries, recommendations or concerns regarding this Policy. Please feel free to contact our Data Protection Officer.

Attn:           Data Protection Officer

Address:   597/5, 3rd Floor Suite 302, Sukhumvit Road, Khlong Tan Nuea Sub-district,

                      Wattana District, Bangkok, 10110, Thailand

Tel:              02 001 1893

Email:        dpo@sertiscorp.com