Protecting Personal Information

A. Objectives

TN Group Corporation Company Limited and its affiliates Including persons involved in the processing of personal data on orders or on behalf of the company. you (collectively, the “Information”) so that you can be confident that The company is transparent and responsible for collecting Use or disclose your information in accordance with the Personal Data Protection Act B.E. 2562 (“Personal Data Protection Act”) and other relevant laws. This Privacy Policy (“Policy”) has been developed to inform you in detail about our collection. Use or disclose (collectively, “process”) personal data processed by the Company. including officers and related persons acting on behalf of or on behalf of the Company with the following contents:

B. Scope

This policy applies to the personal information of individuals who have a current and potential relationship with the Company. which is processed personal data by the Company, officers, contractual employees Business Units or other forms of entities operated by the Company and includes parties or third parties who process personal data on their behalf or on behalf of the Company (“Personal Data Processor”) under products and services such as websites, systems, applications, documents or other forms of services maintained by the Company (collectively, the “Services”).

Individuals having relationships with the Company under the provisions of the first paragraph include :-

  1. Individual customers.
  2. Officers or workers, employees.
  3. Partners and service providers who are natural persons.
  4. Directors, attorneys, representatives, representatives, shareholders, employees or other persons having a similar relationship of a juristic person with a relationship with the Company.
  5. Users of the Company’s products or services.
  6. Visitors or use of the website http://www.tngroup.co.th and other websites in the TN group of companies, including systems, applications, devices or other communication channels controlled by the Company
  7. Other persons whom the Company collects personal information such as job applicants, family of officers, guarantors, beneficiaries of insurance policies, etc.

Articles 1) to 6) collectively referred to as “You”.

In addition to this policy The Company may require a privacy policy notice (“Notice”) for its products or services. In order to inform the subject of personal data, who is a service user, of the personal data being processed Purpose and legitimate grounds for processing period of retention of personal information including the right to personal data that the personal data subject has in particular products or services. In the event of a material conflict between the terms of this Privacy Notice and this Policy Subject to the privacy notice of that service.

C. Definition

VocabularyMeaning
Personal informationInformation about natural persons which makes it possible to identify that person either directly or indirectly but does not include information of the deceased in particular.
Sensitive personal dataPersonal data as provided for in Section 26 of the Personal Data Protection Act B.E. 2562, including racial, ethnic, political opinions cult religion or philosophy sexual behavior Criminal records, health information, disability, trade union information Genetic data, biological data or any other information which affects the owner of personal data in a similar manner as specified in the notification of the Personal Data Protection Committee.
Processing of personal dataAny action with personal data such as collecting, recording, copying, organizing, retaining, updating, changing, using, recovering, disclosing, forwarding, disseminating, transferring, merging, deleting, destroying, etc.
Personal data subjectThe natural person who owns the personal information the Company collects, uses or discloses.
Personal Data ControllerAn individual or legal entity having the authority to make decisions about the collection, use or disclosure of personal data.
Personal data processorAn individual or a juristic person who carries out the collection, use or disclosure of personal information on the order or on behalf of the personal data controller. The person or entity doing so is not a personal data controller.

D. Sources of personal data collected by the Company

The company collects or acquires various types of personal information. From the following sources

  1. Personal data that the Company collects directly from the personal data subject through various service channels, such as the process of applying, registering, applying for jobs, signing contracts, documenting, completing surveys or using products, services or other service channels that controlled by the company or when the subject of personal data communicates with the Company at the office or through other communication channels supervised by the Company, etc.
  2. Information that the Company collects from the personal data subject accessing the website, other products or services under contract or under a mission, such as tracking the behavior of using the website products or services of the Company through the use of cookies (Cookies) or from software on the device of the Personal Data Subject, etc.
  3. Personal data that the Company collects from sources other than the personal data subject provided that such sources have the authority There are legitimate grounds or consent from the personal data subject to disclose the information to the company, for example linking the digital services of government agencies to provide comprehensive public benefit services to the personal data subject itself. Receiving personal data from other government agencies as the company has a duty under its mission to provide a central information exchange center to support the operation of government agencies in providing services to people through the system, digital including out of necessity to provide contractual services in which personal data may be exchanged with contractual entities.

This also includes the case where you are a third party personal information provider to the Company as follows: You are responsible for providing details under this policy or announcements of products or services, as the case may be, to such parties. as well as obtaining consent from that person if it is a case where consent is required to disclose information to the Company.

However, in the event that the owner of the personal data refuses to provide the information necessary to provide the Company’s services, it may result in the Company being unable to provide that service to the owner of such personal data in whole or in part.

E. Collection of Personal Information

The Company will collect personal data with the consent of the personal data subject first. except in the following cases:-

  1. To perform the contract In the case of collecting, using or disclosing personal data for the purpose of providing services or performing the contract between the data subject and the Company.
  2. To prevent or suppress danger to life, body or health.
  3. To comply with the law.
  4. For the legitimate interests of the Company In case of necessity for the legitimate interests of the Company’s operations. The company will consider the rights of the data subject as important as to prevent fraud. Network Security protection of freedom and the benefits of the data owner, etc.
  5. For research studies or statistics In the case of historical documents or archives for the public benefit or related to research or statistics which provide appropriate safeguards to protect the rights and freedom of information owners
  6. To perform state missions In the event that it is necessary to carry out the mission for the public interest or the performance of duties under the powers of the state that the company has been assigned.

In the event that the Company has a necessity to collect your personal data for the performance of the contract performance of duties under the law or for the necessity of entering into a contract. If you refuse to provide personal data or object to processing for the purposes of the activity. It may result in the Company being unable to perform or provide all or part of the services you have requested.

F. Types of personal data collected by the Company

To collect and keep personal information. The Company will use lawful means and only limited to the extent necessary for the Company’s operating objectives. which consists of:-

Types of personal dataDetails and Examples
Personal informationInformation that identifies you, or information that identifies you personally, such as your full name, age, date of birth, nationality, identity card number or passport number. or other official documents identifiable.
Contact informationInformation for contacting you such as address, telephone number, email address, social media account name, etc.
Official document informationYour official document information such as a copy of your ID card, a copy of your house registration, a copy of your passport, a copy of your birth certificate, etc.
Financial informationYour financial information such as bank account number, bank account page copy, credit card information, income, etc.
Information collected by the Company or automation from various company devicesInformation collected by the Company or automation from various company devices such as employee code, work permit number, CCTV footage, etc.
Sensitive Personal DataYour sensitive personal data such as race, religion, disability data, criminal history, biometric data (fingerprint mockup, face mockup data), health data, etc.

G. Cookies

The Company collects and uses cookies and other similar technologies on websites under its supervision, such as http://www.tngroup.co.th. and other websites in the TN Group or on your device according to the services you use, for the purpose of operating the security of the Company’s services and to give you, the user, the convenience and good experience in using the company’s services and this information will be used to improve the website of the company to better meet your needs. You can manually set or delete the use of cookies from the settings in your web browser.

H. Purposes for collecting personal data

The Company collects your personal information for a number of purposes. This depends on the type of product or service or activity you use as well as the nature of your relationship with the company or considerations in each context are important. The purposes stated below are just a general framework for the Company’s use of personal data. Only the purposes related to the products or services you use or have a relationship with will apply to your information.

  1. to enter into a contract or perform duties under the contract between the company and the owner of the information or perform duties under contracts between the Company and third parties for the benefit of the data subject.
  2. to answer questions and provide assistance to the data subject
  3. To develop and improve the Company’s products, products and services to better respond to the needs of the data subject.
  4. To provide information and recommend products, products, services or public relations for marketing promotional items or benefits through contact channels received from the data subject As the data subject has given consent As you have agreed with the company
  5. To survey opinions, analyze, conduct research and produce statistical data. for marketing or the development and improvement of the Company’s operations As you have agreed with the company
  6. For the benefit of the management of the Company’s internal affairs or operations that are necessary under the legitimate interests.
  7. To inspect, supervise and secure the building or premises of the Company
  8. For compliance with laws related to the operations of the Company, such as withholding tax.
  9. For the legitimate interests of the company, such as recording complaints through the Call Center system, recording images through CCTV cameras.
  10. For investigation and compliance with laws, regulations, regulations or legal duties of the Company.
  11. Use the information to verify the identity of the customer.
  12. Other purposes with your express consent.

I. Forwarding and Disclosure of Personal Information

The Company will not disclose and forward your personal information to outside agencies. Except with your express consent or in accordance with the following cases.

  1. To achieve the objectives stated in this Privacy Policy. The Company may be required to disclose or share only as necessary information with partners, service providers or external entities. The Company will enter into a personal data processing agreement as required by law.
  2. The Company may disclose or share personal information with its affiliates. It will only process the data for the purposes stated in this Privacy Policy.
  3. The law or legal process requires disclosure. Or disclose to the official government officials or a competent authority to comply with a lawful order or request.

J. Transferring or forwarding information to foreign countries

The Company may transmit or transfer personal information abroad. This will ensure that the destination country or the destination authority has adequate privacy protection standards and policies.

K. Period for collecting your personal information

The Company will retain your personal information only for as long as it is necessary for the purpose for which it was collected. according to the details specified in the policy, announcement or in accordance with the relevant laws. The Company will delete destroy your personal information or make your personal information more identifiable in accordance with the forms and standards of erasure of personal data. However, in the event of a dispute exercise of rights or lawsuits related to your personal data. The Company reserves the right to retain such information until the dispute has been finalized by order or judgment.

L. Protection of personal information

The Company will take appropriate technical and administrative measures. To protect and secure your personal information. It provides encryption for transmitting information over the Internet and controls access to your personal information only for those involved. Both in the part of the information stored in the form of documents and electronically.

M. Connecting to external websites or services

The Company’s services may contain links to third-party websites or services. Such websites or services may have a personal data protection policy that is different from this policy. The Company recommends that you consult the privacy policy of that website or service. In order to know in detail before accessing, the Company is not associated and has no control over the privacy protection measures of such websites or services and cannot be held responsible for the content, policies, damage or actions caused by the website or services of third person

N. Personal Data Protection Officer

The Company has appointed a Personal Data Protection Officer to investigate, supervise and give advice on the collection, use or disclosure of personal information. including coordination and cooperate with the office of the Personal Data Protection Commission To comply with the Personal Data Protection Act B.E. 2562.

O. Your rights under the Personal Data Protection Act B.E. 2562

You can apply for various rights as required by law and as stated in this announcement are as follows:

  1. The right to request access and obtain a copy of personal data.
  2. The right to request the amendment of such information to be current and correct.
  3. Right to obtain personal information In the event that the Company has made the Personal Data in a readable or generally usable form by means of an automated tool or device and that the Personal Data can be used or disclosed by an automated means.
  4. The right to request deletion or destruction or make personal data non-personally identifiable. when the data becomes unnecessary or when the subject of personal data withdraws consent.
  5. Right to request for suspension of use of personal data in the case when it is personal data that needs to be deleted or when such data is no longer necessary.
  6. The right to withdraw consent to the processing of information previously provided by the user.
  7. Right to object The owner of the personal data has the right to object to the collection, use or disclosure of the information at any time.

P. Penalties for non-compliance with the Privacy Policy

Failure to comply with the policy may result in an offense and subject to disciplinary action in accordance with the Company’s rules. (for officers or operators of the Company) or in accordance with the personal data processing agreement (for personal data processors) as the case may be and your relationship with the Company and may be subject to penalties as stipulated by the Personal Data Protection Act B.E. 2562, including secondary laws, rules, regulations and relevant orders.

Q. Complaints to the supervisory authority

In the event that you find that the company has not complied with the data protection laws. You have the right to complain to the Personal Data Protection Committee. Or a supervisory authority appointed by the Personal Data Protection Committee or by law. The company asks you to contact the Company. in order for the Company to have the opportunity to know the facts and clarify various issues including addressing your concerns at the first opportunity.

R. Updates to the Privacy Policy

The Company may consider improving Amend or change this policy at its discretion. And will inform you via website such as http://www.tngroup.co.th and other websites in the TN Group The effective date of each revised version is indicated. However, the Company encourages you to check regularly for new versions of this Policy. through specific channels for activities carried out by the Company Especially before you disclose personal information to the company.

Access to the Company’s products or services after the enforcement of the new policy This constitutes your acknowledgment of the terms of the new policy. Please stop using it if you do not agree with the details in this policy and please contact us. to further clarify the facts.

S. Inquiries or exercise of rights

If you have any questions suggestions or concerns about the Company’s collection, use and disclosure of personal information or about this policy or you want to exercise your rights under the Personal Data Protection Law You can contact us at.

Data Controller

Name: TN GROUP CORPORATION CO., LTD.
Contact location: 8/5 Village No. 13, Soi Petchkasem 91, Om Noi Subdistrict, Krathum Baen District Samut Sakhon Province 74130
Contact:
Tel: +66 (2) 115-5000
Fax: +66 (2) 115-5555
E-Mail: CG@tngroup.co.th

Personal Data Protection Officer

Name: Personal Data Protection Officer (DPO)
Contact location: 18/5 Village No. 13, Soi Petchkasem 91, Om Noi Subdistrict, Krathum Baen District Samut Sakhon Province 74130
Contact:
Tel: +66 (2) 115-5000 เบอร์ต่อ 1217
Fax: +66 (2) 115-5555
E-Mail: DPO@tngroup.co.th

By informing the following information for the exercise of the rights of the personal data subject

  • Name, surname, ID card number/passport number
  • Doubts about personal information or rights that are required by law
  • phone number, address and email address where you can be contacted