Latest updated: 18/10/2022
Abstract
We process the personal data of Website Visitors with reasonable measures to act in compliance with Thailand’s Personal Data Protection Act B.E. 2562 (“PDPA”).
The summary of our Privacy policy is shown below.
Topic |
Overview |
What data do we process? |
We process collected personal data including but not limited to Identity Data, Address / Contact, and IT Data. |
How do we use those data? |
We process personal data according to the purpose and scope of www.trisak.co.th , and with the legal bases as explained in our Privacy Policy. |
Who do we transfer information to? |
In some circumstances, we may be required to transfer personal data to Third-Party Organisations, which are stated in our vendors/partners. |
What are your rights as a data subject? |
As a data subject, you are entitled to the data subject rights which include but are not limited to the right to access, right to rectification , and right to erasure. |
Revision of the policy |
Any revision made will be notified to all related parties regarding the changes in The Privacy Policy. |
Trisak Website Visitors’ Privacy Policy
(Full Version)
- Purpose and scope
- What personal data do we process?
- How do we collect your personal data?
- How do we use your Personal Data?
- Usage of Personal Data with External Third-party Organization
- Transferring Personal Data to Foreign Countries
- Security Measures for Personal Data Protection
- Time Period of Personal Data Storage
- Website Visitors’ Personal Data Rights
- Policy Revision
- Purpose and scope
This Privacy Policy applies to all Trisak Website Visitors. Trisak Automation Company Limited mainly acts as the data controller under PDPA. Therefore, Trisak is committed to collecting and processing Website Visitors data under the purpose and scope of Trisak Automation Company Limited specified here in this Privacy Policy.
Data Controller Contact Information Trisak Automation Co., Ltd. 248 Rachadaphisek Road, Huay Kwang Sub-District, Telephone: 02-274-0081#441 Data Protection Officer (DPO) Contact Information Mr. Bandhit Khaojaturas |
This Privacy Policy covers data subjects who are Trisak Website Visitors, including Website Visitors, Potential Customers, and Customers.
As used in this Privacy Policy, the following terms shall have the meanings set forth below:
‘Processing’ means anything done with Trisak Website Visitors data, including collection, storage, use, disclosure, and deletion.
‘Legal Bases’ means justifiable reasons to process personal data under with Article 24 and Article 26 of PDPA.
This policy may be revised at any given time as notified to Website Visitors through appropriate channels.
- What personal data do we process?
Trisak stores the following Website Visitors personal data :
- Identity Data including but not limited to Name and Surname
- Address/Contact including but not limited to Company, Phone number and Email
- IT Data including but not limited to the Cookie ID , Session ID , UUID
- How do we collect your personal data?
In general, Trisak will directly collect Website Visitors’ personal data through these processes or channels including but not limed to:
- Fill in the Application form on the website.
- Collecting cookie ID from the user’s website
Currently, Trisak does not collect any data through Third-party Organization.
- How does Trisak use your Personal Data?
Group of Activities |
Group of PIIs |
Legal Bases |
Retention Period |
Visitor History |
|
|
2 months |
Register Form |
|
|
After resolved the problem/complaint or 1 year |
Email Newsletter |
|
|
When website visitor unsubscribe |
Online Shopping |
|
|
When website visitor unsubscribe |
Trisak uses Website Visitors’ personal data to carry out tasks per Trisak’s scope and purpose of providing groups of activities, including but not limited to:
Trisak will process Website Visitors personal data according to the stated purposes and scope. If there came upon a case where personal data were to be processed for other purposes unclarified above, Trisak would ask for a new consent to process User’s data on such uses.
- Usage of Personal Data with External Third-party Organizations
Trisak may be required to pass on personal data to external third-party organizations and process personal data under the contract or the legal obligation of Trisak. These organizations may include:
– ICANDOPLIS (Website Developer , Application Developer)
– Logistic Company
For the case where personal data is being passed on the external third-party organizations, Trisak will ensure that the minimum amount of personal data is being sent and consider anonymization and pseudonymization techniques for greater security. Nevertheless, external third-party organizations who will process Website Visitors’s personal data for Trisak will be required to have an appropriate privacy policy. We do not permit these external third-party organization to use the Website Visitors data in a way that diverge from the agreed scope and purpose.
- Transferring Personal Data to Foreign Countries
Trisak does not to pass on personal data to foreign countries.
- Security Measures for Personal Data Protection
Trisak has implemented security measures to ensure the security of Website Visitors’data. External third-party organizations must carry out the processing of personal data under Trisak policy and agrees to ensure the security of Website Visitors’ personal data.
- Time Period of Personal Data Storage
Trisak will store Website Visitors’ personal data throughout for the appropriate period according to Trisak scope and purpose including other important matters such as legal requirements, financing and auditing purposes. (More details according to the table in 4. How does Trisak use your Personal Data?)
- Website Visitors’ Personal Data Rights
Your personal data rights include:
- Right of Access – you have the right to request a copy of all your personal data and assess if the company is processing your personal under the law or not
- Right to Data Portability – for the case where a company has an automated platform allowing you to access your data automatically:
- You have the right to ask for your personal data to be transferred automatically to other organizations
- You have the right to ask for your data to be directly transferred to another organization, with the exception of cases where there is a technological limitation
- Right to Object – you have the right to object to any data process activity of your data for the legal bases, including:
- Public Task or Legitimate Interest
- Direct Marketing Purposes
- Right to Erasure – you have the right to request data deletion or anonymization, under the following cases:
- Expiration of data processing required terms
- Consent has been withheld
- Objections raised on the data processing activity
- The processing activity is not following with the law
- Right to restrict processing – you have the right to restrict any data processing activities, under the following cases:
- During the process of personal data assessment as requested
- For cases related to personal data which has initially asked for deletion and erasure but was followed by an additional request of processing restriction instead
- For cases when the data processing terms have passed, but you have requested for processing restriction due to legal reasons
- During the process of personal data processing objection verification
- Right to Rectification – You have the right to edit your data to be correct and concurrent to the present. If any mistake was detected, the company might not edit this themselves.
In the cases where Trisak may not be able to carry out and exercise your rights, including, but not limited to, the cases where a legal process is taking place, you will continue to have the rights to retract your consent by emailing to all related parties. Trisak will be required to terminate all processes as soon as possible. However, the retraction only is carried out for all data processing after the retraction. Any data process activity carried out before the retraction will not be reversed.
Please be informed that Trisak does record all requests to ensure all issues are resolved. For any queries regarding your data protection and rights, more details are available in TDPG3.0 at: https://www.law.chula.ac.th/event/9705/
In the case where you have the intention to exercise your data protection rights, please contact (Email Bandhit@trisak.co.th) Trisak will process this request in a secure and timely manner. Also, in case that Trisak fails to preserve your rights under PDPA, you can file a complaint to the Office of the Personal Data Protection Commission (‘PDPC’)
- Policy Revision
This Privacy Policy applies to all Trisak Website Visitors and was last updated on 18/10/2022 Trisak holds the right to review and edit the policy as the company sees fit. Any revision made will be notified to all related parties regarding the changes in data processing activity procedures.