Article 1 - DEFINITIONS:
Within this policy
(a) “Website” means the website named Thai KK and has a website address at www.thaikk.co.th
(b) "Data Controller" means the service provider or owner of the website. under this policy, which are: Thai KK Industry Co., Ltd Juristic Person Registration No. 0105521019749 The office is located at 29/1 Village No. 5, Soi Thammasiri, Debaratana Road, Bang Sao Thong Subdistrict, Bang Sao Thong District. Samut Prakan Province 10570 , Contact email@example.com, firstname.lastname@example.org, 02-338-4900
(c) "Data processor" means a third party who processes data for the benefit of or on behalf of the data controller.
(d) "Data" means anything that conveys the meaning of a story, facts, information or anything, whether that interpretation is made possible by the nature of that thing or through any means. and whether it is provided in the form of documents, files, reports, books, diagrams, maps, drawings, photographs, film, video or audio recordings. recording by computer by electronic means or any other way to make the recordings visible.
(e) “Personal Information” means any information, whether of a user or any other person, that can be used to identify that person. whether directly or indirectly
(f) "Sensitive Personal Data" or "Sensitive Data" means personal data of a User relating to race, ethnicity, political opinion. belief in a cult, religion or philosophy; sexual behavior Criminal records, health information, disability, genetics, biometric data, facial image data, iris or fingerprints. labor union information or any other information which the Personal Data Protection Committee has announced in accordance with the Personal Data Protection Act declares as sensitive personal data.
(g) "User" means you, visitor, user, member of the website. which is the owner of personal data in accordance with this policy
(h) "Personal Data Protection Officer" means a staff member provided by the Data Controller for the execution of the Personal Data Protection Law.
Article 2 User Consent
To access the website The user agrees and consents to the collection, use and disclosure of personal information. including sending or transferring personal information to foreign countries as follows:
(a) Purposes for collecting, using and disclosing personal data including sending or transferring personal information abroad
The user acknowledges, agrees and consents to the data controller and data processor to collect, use and disclose personal data. For the following purposes only
Public Relations and Marketing Social Media Services and Billing
(b) Personal data collected, used and disclosed including sending or transferring personal data abroad
The user acknowledges, agrees and consents to the data controller and data processor to collect, use and disclose personal data, including sending or transferring personal data abroad. the following only
Name, surname, address, date of birth Telephone number, age, education, financial status, work history, race, religion, criminal record Health history, fingerprints, iris, voice or photograph
(c) Data collection period
The user acknowledges, agrees and consents to the data controller and data processor to collect, use and disclose personal data including sending or transferring personal data abroad for a total period of 12 (twelve) months from The date of consent for the collection, use and disclosure of personal information including sending or transferring personal information to foreign countries in accordance with this policy.
(d) Disclosure of personal information to third parties
The user acknowledges, agrees and agrees that the data controller may disclose personal data to third parties for the purposes of this policy and/or as required by law. This includes but is not limited to disclosures to the following persons and/or entities:
Article 3 Linking the User's Information to Third Party Service Providers
The user acknowledges, agrees and agrees that the data controller may link the user's data to the third party service provider. By linking or sharing information with third party service providers from time to time The data controller will notify users of which user data will be linked or shared with third party service providers. or share it This includes, but is not limited to, accepting, authorizing, linking, sharing or any other action. which expressly states that the user consents to the linking or sharing of information with the third party service provider
Initially, the information will be linked and shared. It will include your first name, last name, email address, a link to a third party service provider. personal code Links to images of users used by third-party providers. All of this information is mainly used to create an account for using the service on the website. which users can contact to request to disconnect or delete data at any time according to the contact channels in item 5
Article 4 Tracking User Behavior on Website
The User acknowledges, agrees and agrees that the Data Controller may use the following systems and/or technologies to track user behavior on the Website.
This is only for the purposes stated below.
Article 5 Withdrawal of User Consent
The user acknowledges that the user has the right to withdraw any consent. that the user has given to the data controller under this policy at any time by doing the following
The user also acknowledges that once the user has withdrawn his consent Users will be affected as follows:
Whereas the user also agrees to the effect of the withdrawal of consent.
Article 6 User Account
in using the website Website owners may provide user accounts for each user. as requested by the user from time to time by the owner of the website have the exclusive right to Authorization to open an account Set account type Set access rights for each user account type. any expenses About user accounts, duties and responsibilities of the user who owns the user account.
The user agrees to keep his account name, password and any information strictly confidential. and agreed not to allow and use their best efforts to prevent anyone else from using the user's account.
In the event that the user's account is used by another person The user agrees and warrants that any use by such third parties is performed on behalf of the user and is binding as if the user was doing it himself.
Article 7 User Rights
By accessing the website in accordance with this policy and any consent according to this policy Users are well aware of their rights as data subjects in accordance with the Personal Data Protection Act. including but not limited to the rights of the users as follows:
(a) Users may withdraw their consent given under this Policy at any time. by giving written notice to the Data Controller in the manner and channels set forth in this Policy.
(b) Users have the right to access and obtain a copy of their personal data or related to them that the data controller has collected in accordance with this policy.
(c) Users have the right to be disclosed by the Data Controller of the acquisition of their personal data or relating to them to which they have not given their consent. If there is such a case
(d) Users may require the Data Controller to transmit or transfer their personal data or related to them to another Data Controller. This includes obtaining such transmitted or transferred information directly from the controller of the transmitted or transferred information.
(e) Users may object to the collection, use or disclosure of their or their personal data in the following cases:
(1) The data controller collects, uses or discloses the user's personal data out of necessity for the legitimate interests of the data controller or of any other person from whom the user may prove that he or she has better rights than the controller. information
(2) The Data Controller collects, uses or discloses the User's personal data in order to comply with the Data Controller's law, in which the User may prove that he/she has better rights than the Data Controller.
(3) The data controller collects, uses or discloses such personal data for direct marketing purposes.
(4) The data controller collects, uses or discloses such personal data for the purpose of scientific research studies. history or statistics, where research is not necessary for the public interest
(f) Users may require the Data Controller to delete, destroy, or make the Data personally identifiable. In the following cases
(1) when personal data is no longer necessary for keeping in accordance with the purpose of collecting, using or disclosing that personal information;
(2) When the user who owns the personal data has withdrawn consent to the collection, use or disclosure of such personal information and the data controller has no other legal authority to collect, use or disclose such personal information. longer
(3) When the user has objected to the lawful collection, use or disclosure of that information.
(4) When personal data has been collected, used or disclosed unlawfully, rules, regulations, regulations on personal data protection
(g) the user may have the data controller suspend the use of such personal data while still retaining it. In the following cases
(1) The data controller is being investigated by a committee of experts in accordance with the personal data protection law that the user has complained to such review.
(2) Personal data has been collected, used or disclosed unlawfully, rules, regulations, regulations on personal data protection.
(3) In the event that the user has a need to require the data controller to keep his or her personal data for the benefit of the user's own claims, such as the user's legal claim. Compliance or exercise of legal claims or raising the defense of legal claims The user may require the data controller to simply suspend the use of the data instead of proceeding with deletion, destruction or making the data non-identifiable as the owner of the data.
(4) The data controller is in the process of proving or refusing to object to the collection, use or dissemination of the user's personal data in accordance with the personal data protection law which the user has legally objected to.
(h) when the user finds that the user's personal data is wrong, backward, unclear, or unclear, the user has the right to the data controller to rectify such personal data to be accurate, current, complete and without causing misunderstanding. can be wrong
(i) Users may lodge a complaint to a panel of experts in accordance with the Personal Data Protection Law in connection with the act of violation or non-compliance with the data controller's law, rules, regulations, ordinances on the protection of personal data and/or data processor
Article 8 Security
In the collection, use and disclosure of personal information in accordance with this policy The Data Controller will provide appropriate security measures to prevent the loss, access, use, alteration, alteration or disclosure of non-compliance with the following measures, standards, technologies and/or systems.
This includes controlling for data processors to maintain the security of personal data no less than those set forth in this policy.
Article 9 Amendment of Personal Data
The data controller will provide the following audit systems and measures:
(a) take action to correct personal data to be accurate, current, complete and not cause misunderstanding;
(b) delete, destroy personal data beyond the period for which the user has given consent; and
(c) delete, destroy personal information that is not related to the use of such personal information as the user has given consent.
Article 10 Collection Use and/or disclose personal information in accordance with the Personal Data Protection Act.
The user acknowledges and agrees that the data controller may collect, use and/or disclose the user's information without the user's prior consent. This is to the extent necessary and insofar as it is for the purposes and only in the following cases.
(a) to achieve the objectives relating to the preparation of historical documents or archives for the public interest; or in connection with research studies or statistics which have put in place appropriate safeguards to protect the rights and freedoms of the User's personal data.
(b) to prevent or suppress any danger to life, body or health of any person;
(c) It is necessary for the performance of the contract to which the user of the personal data subject is a party or for the execution of the request of the user of the personal data subject prior to entering into such contract.
(d) it is necessary for the performance of duties in the public interest of the data controller or for the exercise of state powers entrusted to the data controller;
(e) It is necessary for the legitimate interests of the data controller or of another person for whom such benefits are more important than the user's fundamental rights to personal data.
(f) It is in compliance with the data controller law.
In this regard, the data controller will record the collection, use or disclosure of the user's personal data in accordance with the preceding paragraph as important.
Article 11 Collection Use and/or disclose sensitive personal data (Sensitive Data)
The user acknowledges and agrees that in addition to collecting Use and/or disclose personal data collected by the user with his express consent. have used and/or disclosed the personal data in the preceding paragraph The data controller may collect Use and/or disclose sensitive personal data (Sensitive Data) of users without the user's prior consent. This is to the extent necessary and insofar as it is for the purposes and only in the following cases.
(a) to prevent or suppress harm to the life, body or health of the user whose personal data subject is unable to give consent; for whatever reason
(b) is information that is publicly available with the express consent of the user of the personal data subject.
(c) it is necessary for the establishment compliance Use or fight against statutory claims
(d) It is necessary to comply with the law in order to achieve the objectives relating to
(1) preventive medicine or occupational medicine Employee competency assessment medical diagnosis Providing health or social services medical treatment health management or social work systems and services
(2) Public benefits in the field of public health such as health protection from dangerous communicable diseases or epidemics that may be transmitted or spread into the Kingdom. or control of standards or quality of drugs, medical supplies or medical devices It has put in place appropriate and specific measures to protect the rights and freedoms of users of personal data subjects, especially the confidentiality of personal data in accordance with professional or professional ethics.
(3) Labor protection social security National Health Insurance Welfare related to medical treatment of persons entitled to the law Protection of car accident victims or social protection The collection of personal data of users is necessary for the performance of the rights or duties of the data controller or user of the data subject. Appropriate measures have been taken to protect the fundamental rights and interests of users of the personal data subject.
(4) Scientific research studies By collecting, using and/or disclosing only as necessary and appropriate measures have been taken to protect the fundamental rights and interests of users of the personal data subject as required by the Protection Committee. Personal data has been set
(5) Significant public interest Appropriate measures have been taken to protect the fundamental rights and interests of users of the personal data subject.
In this regard, the data controller will record the collection, use or disclosure of the user's personal data in accordance with the preceding paragraph as important.
Article 12 Use of the Website by persons who are in the user's custody, custody or escort
The user undertakes that he is not and will not allow any person who, in the following manner, visits, uses, or is a member of the Website.
(a) an incompetent person under the supervision of the user;
(b) a quasi-incompetent person in the custody of the user;
In the event that the user consents to the aforementioned person to visit, use or become a member of the website User agrees to be deemed to have exercised parental, guardian or guardian powers of such person, as the case may be, to agree and give consent under this policy for and on behalf of such person.
Article 13 Sending or Transferring Personal Data Overseas
The data controller may transmit or transfer the user's personal data abroad in the following cases.
(a) the destination country or international organization receiving personal data has adequate personal data protection standards in accordance with applicable laws, rules, regulations and regulations on personal data protection;
(b) obtaining the consent of the personal data subject provided that the user of the personal data subject has been informed and informed of the inadequate personal data protection standards of the destination country or international organization receiving the data
(c) is a legal practice
(d) It is necessary for the performance of the contract to which the user of the personal data subject is a party or for the execution of the request of the user of the personal data subject prior to entering into that contract.
(e) It is an act of contract between the data controller and another person for the benefit of the user of that personal data subject.
(f) to prevent or suppress harm to the life, body or health of the user, the subject of the personal data or any person when the owner of the personal data is unable to give consent at that time
(g) it is necessary for the carrying out of missions for the benefit of the public;
Article 14 Notification of Personal Data Violation
In the event that the data controller becomes aware of a personal data breach, regardless of the breach by any person. The data controller will take the following actions:
(a) where there is a risk of affecting the rights or freedoms of any person; The data controller will notify the personal data breach to the Office of the Personal Data Protection Commission. without delay as it can be done within 72 (seventy-two) hours from the date of the incident
(b) where there is a risk of having a high impact on the rights or freedoms of any person The data controller will notify of any such breach of personal data and remedies to the Office of the Personal Data Protection Commission and to the users of the personal data subject. without delay as it can be done within 72 (seventy-two) hours from the date of the incident
Article 15 Complaints and Reporting Problems with Personal Data
Users may make complaints and report issues with personal data. including but not limited to Requesting the data controller to amend and/or correct the data objection to data collection or suspend the use of information at the Personal Data Protection Officer through the following channels
Article 16 Recording important items
Unless the data protection law requires otherwise the data controller's rights. The data controller records important items regarding the storage, use, or disclosure of information in writing or electronically for verification by users, data subjects or government agencies. including but not limited to the following items:
(a) Personal data collected
(b) the purpose of collecting each type of personal data
(c) Information about the Data Controller
(d) retention period of personal data
(e) Rights and methods of access to personal data including conditions relating to persons having the right to access personal data and conditions for accessing such personal data
(f) Collection, use or disclosure of personal data that is exempt from obtaining the consent of the user, the data subject.
(g) refusal of requests and objections
(h) details of measures to maintain the security of personal data
Article 17 Amendment to Policy
The data controller may amend and change the text of this policy. any time and whether in whole or in part The data controller will notify the user of each change in order for the user to consider and proceed with the acceptance by electronic means or any other means. and if the user has taken steps to accept it, such amended policy shall also be deemed to be an integral part of this policy.
Article 18 Relationship of the Contracting Parties
where both parties understand and know that Entering into these Terms does not make the counterparty and employees of each contracting party have a relationship as an employee according to labor law or a partner in accordance with the law of partnerships and companies in any way
Article 19 Assignment of Rights
Unless otherwise provided in these Terms. Users agree not to assign their rights, duties and/or liabilities under these Terms to any person without the written consent of the website owner. in advance
Article 20 Waiver
The owner of the website does not exercise or delay the right in any matter or at any time. It shall not be deemed that the owner of the website has waived such rights. and the owner of the website partially exercised or waived the right in any matter or at any one time It shall not be regarded as a waiver of the right in other matters or on other occasions as well.
Article 21 Segregation of Policy
If any statement or agreement in this policy is invalid, incomplete or unenforceable. For whatever reason, the parties hereby agree that other statements and agreements The Agreement shall remain valid and binding on the parties as if there were no void, incomplete or unenforceable portions contained in the Policy.
Article 22 Governing Law
These provisions shall be governed by the laws of Thailand.
Article 23 Dispute Resolution
If there is an argument any conflict occurred as a result of these terms. If the parties cannot agree The parties agree to bring the dispute to the court in Thailand.