Menu

Content

Privacy Notice

Amada (Thailand) Co., Ltd

 

 

1.   Introduction

Amada (Thailand) Co., Ltd. (referred to as “Company”) recognize the importance of your personal data protection and respects your privacy rights under the Personal Data Protection Act B.E. 2562, as amended from time to time, as well as other applicable laws and rules in Thailand (referred to as “PDPA”). For statutory compliance and business objective of company in relation to the collection, usage, and disclosure of personal data to be protected as comply by the law and regulations, Company establishes this Privacy Policy in order to fulfill the objectives of this policy and to comply with the PDPA.

 

2.   Scope of this policy

The policy prescribes the Company’s practice concerning privacy; purpose of the collection, usage, or disclosure of personal data; types of personal data that the Company may collect, use, or disclose; our intended use of personal data; third parties to whom the Company may disclose personal data; the collection and retention of personal data also including other rights of Data Subject if you view that the Company has violated the PDPA. The company would like to announce this Privacy Policy with the following.

 

3.   Definition

Personal Data” means any information relating to a person which enables the identification of such Person, whether directly or indirectly, but not including the information of deceased person in particular.

Sensitive Personal Data” means personal data pertaining to racial, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disabilities, trade union information, genetic data, biometric data, or any data which may affect the Data Subject in the same manner, as prescribed in Section 26 of the PDPA.

Data Subject” means a Person who owns Personal Data such as customers, suppliers, vendors, board of director, employee, sub-contractors, visitors, and other persons that were processed personal data by the Company, etc. Except where the Person holds the data ownership (ownership) or creates or collects such data on his/her own, whereby this Data Subject refers to only a natural person and excludes a “juristic person” established by law, such as company, association, foundation, or any other organization.

Data Processing” means the collection, use, or disclosure of Personal Data, including any actions performed on Personal Data, as specified in this Policy.

Data Controller” means a person or a juristic person having the power and duties to make decisions regarding the collection, use, or disclosure of Personal Data.

Data Processor” means a person or a juristic person who operates in relation of the collection, use, or disclosure of the Personal Data pursuant to the order given by or on behalf of a Data Controller, whereby such person or juristic person is not the Data Controller.

“Lawful Basis” means the legal basis for the collection of personal data under the law of PDPA.

This Policy does not form an integral part of any contract or agreement unless it’s expressly indicated otherwise. The Company may review and update this policy from time to time, so that it corresponds with any amendments to the applicable law, including PDPA or any changes in our technology, etc.

 

4.   Types of Data Subjects for Data Processing

The company shall collect personal data from the following data subjects for data processing under the scope of this policy.

4.1 Employee means person who works or operates any tasks for the Company, and receive wages, welfare and other allowances or any kinds of compensation from those tasks such as directors, executives, managers, staff, personnel, trainees, operator, or person who have performed similar duties, etc. include their family members and other third person that employee has given its personal data to the Company which the purposes state within the scope of this policy. However, it includes foreign employees (personnel) from the oversea subsidiaries of the Company who are inbounded to work at the company, either short-terms or long-terms period.

4.2 Job Applicant means person who intend to be in process of job selection and interview, for an execution of an agreement with the Company in becoming permanent staff, temporary staff, includes sub-contract staff or other personnel in any positions that performs any works or operations for the Company. Also, these people would get wages, welfare, and other compensations, or whatever is called in return. Whether or not the persons approach direct and indirect to the Company via outsource recruitment service providers or other outsourcers. However, it includes data of other persons that are given to the Company by applicant, but is not limited to the persons that are referred by applicant within job application, applicant’s family members, contact person in case of emergency, etc.

4.3 Intern Applicant, Intern Student means person who is being considered or agreed by the Company to perform any tasks as trainees within the limited period, include other person that are provided data by applicant.

4.4 Guest Speaker and Coordinator mean person who is guest speaker of the activities or trainings and seminars arranged by us or as the representatives of juristic person or training institute that provide services to Company or as the secretary or coordinator of the guest speaker.

4.5 Customer means the person who will purchase or purchases product and/or obtain service from Company, or other persons who contact and inquire for information of product and/or service of Company, the person receiving information of product and/or service through relevant media and the person receiving advertisement and public relations concerning product and/or service of Company, and shall mean to include an ordinary person who is related to or is an agent of the juristic person which is a customer such as the executive, director, employee, hired staff, agent, representative or any other ordinary person, and the person having his/her personal data appeared in relevant documents in relation to the conducting of transaction between Company and such juristic person such as the coordinator, the person issuing purchase order, the person receiving product and the cheque payer, etc. including a person that such juristic person has provided data for Company.

4.6 Participant of the Training, Seminar, Technical Visit means common persons who participate in training, seminar, technical visit. Include community relations activity or other activities that are provided by the company both on-site and online. 

4.7 Website User means person who visit the company’s website or platform whether in the purpose to do business, job application, intern application, apply for participate in activities or trainings, seminars and technical visits that are provided by the Company.   

4.8 Supplier means the person who will sell or sells product and/or provide service for Company, whether it has been registered as the supplier of Company or not, such as the contractual party, service provider and advisor, etc. and shall mean to include an ordinary person who is related to or is an agent of the juristic person which is a supplier such as the executive, director, employee, hired staff, agent, representative or any other ordinary person, and the person having his/her personal data appeared in relevant documents in relation to the conducting of transaction between Company and juristic person such as the coordinator, the person delivering the product and the cheque payer, etc. including a person that such juristic person has provided data for company.

4.9 Subcontractor means the person who is employed under juristic person that provides subcontracting services for the Company, common person who provide subcontracting services, perform works, or carry out any duties for the Company and other person that subcontractor had provided data. Include but not limited to family members, contact person in case of emergency, the heir of law, etc.  

4.10 Visitor means the person who has contacted the Company or person who relates to the Company inside the working area, person who requests access to buildings, work sites or specific area of the Company to perform any kind of duties.

4.11 Person Having Business Relation means the person which is not a customer or trade partner of Company, that has relationship in the manner relating to the conduct of business such as the person who performs work in the government authority which regulate the conduct of business or supervise the compliance with laws, the person interested to participate in business project or the business project participant, the person interested to make a joint investment or the co-investor, the agent or broker for the procurement of product or service for Company, and shall mean to include an ordinary person who is related to or is an agent of such juristic person such as the executive, director, employee, agent, representative or any other ordinary person, and the person having his/her personal data appeared in relevant documents in relation to the conducting of transaction between Company and such juristic person. 

4.12 CSR-concerned Person means person who are in relation to CSR’s activities of Company such as villagers, common people, student who receive scholarship from the Company.

 

5.   Collection of Personal Data

The Company shall collect personal data within the purpose, scope, and lawful and fair methods as is necessary which is defined in the scope of the Company’s objectives. Accordingly, the Company will inform the Data Subject to gain acknowledgment and consent through electronic or other methods as specified by the Company. In case the Company needs to collect sensitive data, the Company shall request explicit consent from the Data Subject before such collection, except for when this is allowed by the Personal Data Protection Act B.E. 2562, or other laws.

   5.1 Types of Personal Data

   The types of personal data that may be collected by are under the characteristics of the activities, locations, and method of collection, which may include the followings:

5.1.1    General Personal Data

  • Identifiable Personal Data such as name, surname, photograph, identification card number, passport number, driver’s license number, date of birth, age, nationality, gender, signature, occupation, position, name and address of workplace, company or original affiliate, professional license number, employee code (in case data subject is an employee), vehicle license plate, username, and password in the system.
  • Personal contact information such as homicide address, current address, phone number, E-mail, or social applications; LINE, WhatsApp, Facebook.
  • Personal financial information such as details of bank account, personal income tax information, details related to contact with mutual fund and/or other information is obliged to declare by law, etc.
  • Employment information such as work commencement date, detail of job interviews, performance appraisals, occupations, positions, name and address of workplace, company or original affiliate, salaries, employment benefits, social security, provident fund, time attendances, leaves, absences, punishments, performance evaluation, history of salary increment, compensation, welfare, work promotions, rotation of work roles, etc.
  • Educational and working history include the reason for terminating contract, detail of reference contact person after leaving the company, training history, skill assessment, proficiency, work experiences from the past to present.
  • Family information such as marital status, spouse information, children, parents, siblings, etc.
  • Health information such as epidemic detection record, health examines under requirement of government measures, health check-up result, etc.
  • Insurance information such as health insurance, life insurance, etc.
  • Supporting document for contracts or terms and conditions which are agreed with the company.
  • Security information such as sound, images and motion pictures that are recorded in CCTV footage of the area under the Company’s control.
  • Referral or emergency contact details such as information of other person that were given by subject data, including but not limited to referral in job applications, family’s members, beneficiary heirs, etc.
  • Data of Information Technology such as technical information from the usage of Company’s websites or applications; email, website, Facebook, LINE, Twitter, or other online media platforms. Activity usage and access to Log files, IP address, Cookies.
  • Other Information that was given by data subject to the Company such as correspondence in any kinds, hobbies, personal interest, opinions, claims, comments from surveys and questionnaires.

5.1.2 Sensitive personal data as defined in Article 3.

 

   5.2 Source of Personal Data Collection Basically, the Company collects the Personal Data from the following sources.

5.2.1    Direct from Data Subject through one of the following channels.

    • verbally, either communication face-to-face or via telephone.
    • documents such as cover letter, curriculum vitae/resume, application forms, business name card, contracts, agreements, company affidavit, quotation, purchase order, other forms, attachments, etc.
    • other communication tools such as email, facsimile, and online media applications, etc.

5.2.2    Public Sources provided by private sector, any trade association, and or any government agency, such as on website, application, online social media (e.g., Facebook), etc.

5.2.3    Related Person of the Data Subject.

 

However, if the Company must collect the Personal Data from other sources, it will do so in compliance with the PDPA.

 

   5.3 Lawful Basis for Collecting Personal Data     

   The Company will collect, use, or disclose personal data on a lawful basis that stipulated in the PDPA, by using appropriate method, fair, legal means, transparent and only necessary for the Company’s operation.

5.3.1    General Personal Data will be collected when one of the following 7 lawful bases is approached.

1) Consent - In case of the Company unable to collect data by other lawful bases that prescribed in this policy, Company must have the explicit consent from data subject prior to or while collecting personal data. Unresponsiveness or inaction shall not be considered as a consent from the data subject.

2) Contract - To fulfill the contract between the Company and the data subject or to perform as required by the data subject before entering into a contract with the Company.

3) Legal Obligation - To comply with the laws applicable to the Company. In the event of the law requires the Company to collect, use or disclose personal information. The Company is not required to obtain consent from the data subject. This may include processing personal data pursuant to court orders or government officials, such as retention of employee’s personal data for compliance with labor protection laws, keeping documents in relations to accounting for a period of time as required by law, etc.

4) Vital Interests - To prevent or suppress an endangered incident to Data Subject’s life, body, or health such as the Company needs to collect personal data due to an emergency accident that occurs with the data subject.

5) Public Interest To perform duties in carrying out missions for the benefit of the public or performing duties in exercising state power.

6) Legitimate Interest - The Company may collect Personal Data without obtaining the consent of the Data Subject. In the event that the Company needs to collect such information in order to take action on the legitimate interests of the Company and/or a third party who is not the Data Subject such as legitimate interests in the Company's business operations and/or the third parties, security and protection of property and persons on company premises, organization management, etc.

7) Archives/ Research/ Statistic - For the purposes related to the preparation of historical documents or archives for the public benefit. or relating to research studies or statistics which have provided appropriate protection measures to protect the rights and freedoms of Data Subjects.

5.3.2    Sensitive Personal Data, the Company may collect, use, or disclose sensitive personal data only inquire for the explicit consent from Data Subject, unless it falls into the following legal exceptions:       

    • Prevent or suppress dangers to life, body, or health of individual whose Data Subject is not able to give consent for any reasons. In such cases, it is usually used for emergencies.
    • Information that is publicly available with the explicit consent of the Data Subject.
    • It is necessary to comply with the law in order to achieve the objectives in regard to;

- Preventive medicine or occupational medicine and employee’s assessment of work ability.
- Public health benefits.
- Labor Protection, Social Security, National Health Insurance, provision of welfare related to medical treatment according to the basic legal right of individuals. The collection is necessary for the legal rights or legal obligations of the Company or of the Data Subject.
- Scientific research, study of historical, statistical, or other public interest.
- Other important public interests such as the collection of sensitive personal data for the purposes of preventing communicable diseases or epidemics. Collection and disclosure to government agencies of sensitive personal data for anti-money laundering purposes.

 

Remark: Guidelines for considering and interpreting the word “Public Interest” may be changed according to the consideration and definition of the Personal Data Protection Committee, or as specified in secondary laws which latterly may be announced.

6.   Purpose of Personal Data Processing

      The company collects, uses, or discloses Personal Data for the following purposes.

 

6.1 In case where the Data Subject is the employee or has ever been the employee of Company or job applicants, intern applicants and intern student.

 

Clause

Purpose

1

To use in consideration of job application, interview, performance assessment and qualification testing of Data Subject, in accordance with the Company’s procedure. It includes communication to offer contract or enter into employment contract, internship contract as well as revision and termination of contract. It includes other operation of human resource that related to consideration and selection into employment or internship of the Company, record and keep Personal Data to support for the future consideration and communication with Data subject in case there is opening position that may be suitable for Data Subject. 

2

To verify the accuracy of the document, data, to check behavioral conduct, to confirm or identify and identity of the employee or a person based on information or document submitted to the Company as well as the check criminal records and prosecution records, judicial judgements before joining to work with the Company, while being the employee or after terminating being the employee of the Company.

3

To comply with employment contract, agreement, appointment contract, or other relevant contracts between Data Subject and the Company.

4

To qualification check in relevant to work such as Alien Worker Act., Occupational, Health, and Environmental Act., etc. Also, help workers in obtaining such qualifications. It includes checking and collecting other important data for considering the qualification and suitability of position in the purpose of labor protection and work welfare.

5

To proceed any operations that related to the use of Company’s business because of work position such as printing of business name card, use and disclose Personal Data to contact with customers, trade partners, government sectors, other related persons, etc., and for entering into agreement between Company with customer or trade partners. Overseas business trip due to assigned duty, also applications to government agencies, statistics, research and business development program of the Company, compliance with any policies of the Company, or to use in approval, delegation of powers or any proceeding in working.

6

To manage human resource of the Company such as employee’s registration, registration of employee into IT system, verify data prior to employment, evaluation work performance and competency, consideration of promotion, consideration of disciplinary and termination, proceed relating to payroll, compensation, bonus, other expenses, social security, taxation, and any welfares as conducted by the Company. It includes to contact, conduct, coordinate, inquiry, verify information, link information, and/or disclose information to government agencies, fund as required by laws, other entities, banks, insurance companies, other persons, or group/affiliated companies whether through any type of communication system for the above purposes, inform any information and Company’s policy. However, it is for the purpose of managing and supervising employees as follows the Company’s policy and specified by laws.

7

To proceed relating to employee’s training and development, both in-house and public training, and both domestic and overseas training. Disclosure of these information to government agencies such as Department of Labor Protection and Welfare, Department of Skill Development, Ministry of Labor, and disclose information to third persons to achieve such purposes such as external training facilitators.

8

To manage administrative and information technology of the company such as proceed relating the employee’s requirement, distribute working devices or equipment to employee, monitor usage and return of devices or equipment, installation security system into computer devices and company’s network, restriction of accessing into company’s database including organization management in relation to business operation such as merger, acquisition, or re-organization, etc.

9

To carry out company activities in relation to quality control, internal audit, internal control, audit the company's quality management system standards including disclosure of information to other departments within the company and to external companies that have been certified to audit the company's quality management system standards.

10

To manage safety of person and company’s asset such as collection of personal data from data subject before entering to the company area, permission to access into area and/or use company’s asset, surveillance of company area by closed-circuit television (CCTV), building’s entrance-exit control by using card, fingerprint or facial scanner for personal safety, prevent lost and damage of company’s asset, or to use for investigate and follow up lost asset, claim for lost and damages, etc.

11

To proceed health and hygiene management to comply with public health legislation such as collection of body temperature, record health information, dietary restrictions, etc. To prevent deceases, communicable deceases that result widely spread, including emergency incidents that cause danger to life, body and health of the persons who work inside the company. Moreover, it’s included disclosure of personal data to external parties regarding the above-mentioned purposes such as data disclosure to department of decease control, medical institutions, and other government sectors.

12

To record or secure data in the company database for being as evidence which refers to the employment and to carry out activities that comply with employment contract such as collect data from job application, record the company’s entrance-exit data, collect the result of annual health check-up which it’s a company’s welfare, etc. Also, keeping data for compliance with the laws applicable to the Company such as collecting and disclosing personal data to government sectors which it’s stipulated by laws.

13

To protect the legitimate rights of the Company or dispute the allegations against the Company such as legal prosecution, initiation of the case, litigation, out-of-court dispute resolution, and other proceedings in order to protect the legitimate rights of the Company or disputation of allegations that is stipulated by law.

14

To carry out the Company’s activities, projects, include broadcasting any policies and activities through media such as organizing activity or participation in training, seminar, contest activity, etc. Company would bring data such as name, last name, work position, organization, photo, record of audio/ video that related to Company’s activities to broadcast in Facebook, Website, Line or other social media including other kind of media such as television or publications, etc.

15

To record and keep data of person in related to data subject for being reference in employee’s registration and for arranging employee’s welfares.

16

To communicate with person in related to data subject in case of necessity or case of emergency that may happen inside the company area or while carrying out duties such as to inform related person of data subject regarding incident of danger that occurred to data subject.

17

To conduct relating to health check and/or for the benefit relating to Data Subject’s life, health, or safety.

18

To support various operations of the Company such as management, finance, budget, planning, accounting including reporting, analysis, statistics, etc.

19

To conduct in various cases as specified in announcement regarding Personal Data Policy of the Company which the Company has already announced or will announce.

20

To conduct for the benefit of the Company to keep the Data Subject’s Personal Data for the period of time as required by law.

21

To improve or update computer data by third parties to access for the purpose of processing and/or verifying the correctness of Personal Data at the request of the Company.

22

To conduct any action of the Company that benefits to Data Subject.

 

6.2 In case where the Data Subject is the person not the case of clause 6.1

Clause

Purpose

1

To conduct business coordination related to Company such as negotiation prior to enter into agreement with data subject or common person or juristic person that are being an attorney-in-fact of data subject, meeting appointment, business discussion, quotation issuance, purchase order issuance, discussion in scope of agreement, verify information and register personal data of data subject in the company’s database, coordinate with guest speakers, participants to invite and provide them facilitation in carry out Company’s projects, trainings, seminars, etc. For qualification check prior to selection of participants to participate the Company’s activities, projects, trainings, seminars, including selection of sub-contractors to perform work both individual person and juristic person which it’s compliance with Company’s policy. For approval, granting proxy related to business operation, relationship management, etc.  

2

To coordinate with guest speakers, and subcontractors for entering into trade agreement of goods and services. To follow up goods and services that are purchased as per agreement; arrange delivery and receipt, change and return, payment of goods and services. The inspect guest speakers, sub-contractors on the performance of agreement and the payment of remuneration, include the disclosure of personal data of data subject to related external persons such as delivery service provider, sub-contractor, service provider or external specialist in order to perform work as to complied with agreement or provide solution against problems that occur to goods and services. Coordination with data subject in any other matters that related to agreement such as request to adjust terms and conditions, other details within agreement, agreement renewal, etc.

3

To improve and develop quality of goods and services, also to proceed anything related to Customer Relationship Management such as collection of compliant, evaluation, survey of opinion, analysis of consumer purchasing behavior and satisfaction survey concerning goods and services, for Company to design activity of sales promotion or develop the quality of goods and services.  

4

To proceed business transaction such as issuance of commercial agreement, relevant proceedings for paid-out or payment receipt of goods, services, and work performance, follow-up orders, debt collection in case of default on payment, or delay on delivery of goods and services or conduct duty accordance with agreement.

5

To evaluate due diligence and risk management, planning, reporting, analysis, statistic report, status of business investigation, identify proof and verification  or verification of authority, the granting and obtaining of authority for the execution of any agreement or contract with the Company, business forecasting, risk management, audit supervision including the internal audit of the internal audit office and internal management in the organization, budget planning and financial management.

6

To manage safety of the person and company’s asset such as collection of personal data from data subject before entering to the company area, permission to access into area and/or use company’s asset, surveillance of company area by closed-circuit television (CCTV), building’s entrance-exit control by using card, fingerprint or facial scanner for personal safety, prevent lost and damage of company’s asset, or to use for investigate and follow up lost asset, claim for lost and damages, etc.

7

To proceed health and hygiene management to comply with public health legislation such as collection of body temperature, record health information, dietary restrictions, etc. To prevent deceases, communicable deceases that result widely spread, including emergency incidents that cause danger to life, body and health of the persons who work inside the company. Moreover, it’s included disclosure of personal data to external parties regarding the above-mentioned purposes such as data disclosure to department of decease control, medical institutions, and other government sectors.

8

To protect the legitimate rights of the Company or dispute the allegations against the Company such as legal prosecution, initiation of the case, litigation, out-of-court dispute resolution, and other proceedings in order to protect the legitimate rights of the Company or disputation of allegations that is stipulated by law.

9

To carry out the Company’s activities, projects, include publicizing any policies and activities through media such as organizing activity or participation in training, seminar, contest activity, etc. Company would bring data such as name, last name, work position, organization, photo, record of audio/ video that related to Company’s activities to broadcast in Facebook, Website, Line or other social media including other kind of media such as television or publications, etc.

10

To comply with the laws applicable to the Company such as laws concerning taxation, storage, and disclosure of accounting information to auditors, government agency that stipulated by laws and order of authorized person, etc. Include the regulations, requirements by law or government agencies, previously, presently or subsequently a launch of this Announcement comes into force, court’s orders, court’s notifications, order of authorized officials, other authorized agency having duties and power under the virtue of laws.  

11

To support the information technology systems including application of accessing to electronic systems or opening rights to access or use internet or various electronic systems, the utilization of information, maintenance of system and information technology applications, various system inspection to prevent illegal use or against the Company’s policy.

12

To communicate and inform Company’s procedure in relation to business conduction, activities, projects, trainings, seminars to the Data Subject be aware and practice as instructions.

13

For the proceedings in relation to the assignment of any right, duty and benefit such as merger and acquisition, separation or business transfer which has duly been conducted in accordance with the laws.

14

To collect personal data of Data Subject into Company’s database, to coordinate or inquire, verify data, link data and/or transfer data to government agencies, other authorized agencies, other individual person, or a company under the group/affiliates whether throughout any communication systems such as post, electronic mail, telephone, line or other communication channels, etc.   

15

To manage organization and carry out activities concerning to Company’s business operation such as examination and development of services, research of new trade partner to support company or company under group/affiliates, management of information system and database, application for business operation with government agencies, audit, internal audit, consultancy service from business advisor, business merger, business acquisition and organization adjustment.

16

To investigate, inspect in case where there are complaints, or to prevent corruption, or to examination and prevention of bribery or accepting bribes, corruption, fraud, embezzlement, sexual harassment, or any illegal acts.

17

To report or disclose data to shareholders, auditors, various authorized agencies such as Revenue Department, Department of Land, Office of the Board of Investment, etc.

18

To comply with policies or procedures that the Company has conducted or participated in

19

To conduct in various cases as specified in announcement regarding Personal Data Policy of the Company which the Company has already announced or will announce.

20

To conduct for the benefit of the Company to keep the Data Subject’s Personal Data for the period of time as required by law.

21

To improve or update computer data by third parties to access for the purpose of processing and/or verifying the correctness of Personal Data at the request of the Company.

22

To conduct any action of the Company that benefits to Data Subject.

 

Company shall not conduct any processes which are different from the purposes as have previously been shared with the Data Subject except for when:

  • the Data Subject has been informed of such a new purpose, and prior consent is obtained.
  • it is necessary for Company to be compliance with this Act or other laws.

 

7.   Consent

The Company collects, uses, discloses, and processes Personal Data upon the prior or simultaneously express consent of the data subject in writing, or via electronic means. Unless it is unable to obtain the consent accordingly.

In the case Company collects, uses, or discloses the Sensitive Personal Data, Company will obtain an explicit consent from the data subject, unless otherwise specified by laws.

The consent of the data subject refers to the data subject’s consent to Company to collect, use, disclose, or keep the Personal Data of the data subject by any person residing or juristic persons locating, either domestically or internationally as herein stated, unless otherwise specified by laws.

 

8.   Objection of Consent

The consent of Personal Data is a voluntary action of the data subject. The data subject may object to a consent requested by the Company. As a result, such objection may cause Company unable to enter into an agreement, obligation, or to give welfare, to grant to or accept any products or services from, the data subject, to proceed with the data subject’s requests, or to perform any contractual obligations, terms, and conditions.

 

9.   Personal Data Disclosure

The company shall not disclose personal data of the Data Subject without the consent of the Data Subject and shall disclose it solely for the above-mentioned purposes. However, for the benefit of company operations and service provision to the Data Subject, Company may disclose personal data to Company’s subsidiaries or other required persons, domestically and internationally, such as service providers dealing with personal data. The company shall govern the above-mentioned persons to treat the personal data as confidential and not to use the data for purposes which are not covered in prior notifications.

Company may disclose personal data of the Data Subject as required by laws and regulations, such as disclosing it to a government agency, state enterprise, regulator. Also, the Company may disclose it by virtue of laws, such as requests for the purposes of litigation or prosecution, or requests made by the private sector or other persons involved in the legal proceedings.

 

10. Security Measures

Company shall establish measures including for the security of personal data in accordance with the laws, regulations, rules, and guidelines regarding personal data protection for employees and other relevant persons. Company shall promote and encourage employees to learn and recognize the duties and accountabilities in the collection, storage, usage, and disclosure of personal data. All employees are required to follow this policy and all guidelines regarding personal data protection in order for the Company to remain in compliance with this Act accurately and effectively.

 

11. Retention Period of Personal Data

Company will retain the Personal Data only for the necessary duration, and will collect, use and disclose the Personal Data, in accordance with the duration criteria, namely the period during which the data subject is still related to Company, and may still retain the Personal Data within 10 years from the date on which the data subject terminates the relationship with Company unless otherwise specified by related laws. The Company will delete, destroy, or destruct the personal data after the expiration of the period of time.

 

12. Rights of Data Subject

The Data Subject is entitled to request any actions regarding Personal Data, subject to specified by laws as follows.

12.1 Right to withdraw consent; to withdraw consent to processing however, any consent which was obtained earlier shall not be affected.

12.2 Right to access Personal Data; to request access to and obtain a copy of the Personal Data related, including to request the disclosure of the acquisition of the Personal Data obtained without his or her consent.

12.3 Right to data portability; to request company to forward or transfer your Personal Data in the readable format or commonly used by ways of automatic tools or equipment, and can be used or disclosed by automated means, to other persons, you or to another Data Controller, which is subject to legal requirements.

12.4 Right to object to Personal Data processing; to request company to object the processing of Personal Data under the conditions stipulated by laws.

12.5 Right to erasure of Personal Data; to request company to erase or destroy your Personal Data that is Company’s possession or control, or request that such data to be anonymized, under conditions stipulated by laws.

12.6 Right to restriction the use of Personal Data; to request Company to restrict usage of your Personal Data, except as requested in accordance with the relevant legal provisions.

12.7 Right to rectification of Personal Data; to request company to rectify inaccurate or add incomplete personal data.

12.8 Right to lodge a complaint; to lodge complaints with competent officers or the regulatory authorities regarding Personal Data protection.

The request of any rights shall neither affect the processing of Personal Data to which the data subject has lawfully consented, nor violate any statutory requirements to be complied with the Company.

Data Subject may request these rights by sending a notice or submitting through Electronic Forms set by the Company to the following contact channel, “Contact Information” of this policy. The company shall consider the right request received and inform the Data Subject not exceeding 30 days from the date of receiving such request. However, the Company may deny such a right subject to exception by applicable laws.

 

13. Minor, Incompetent and Quasi-incompetent Person

If the Data Subject is a minor (age below 20), incompetent person or quasi-incompetent person, the Company will not collect your Personal Data unless having consent from the holder of parental responsibility over the child, custodian, or curator. However, it is according to prescribed by laws.

In case, the Company do not acknowledge that Data Subject is a minor, an incompetent person or quasi-incompetent prior to collect data but discover later that the collection is done without consent from the holder of parental responsibility over the child, custodian, or curator, thus the Company shall immediately erase, destroy that Personal Data.

 

14. Review and Changes of Policy

The company may review this policy to ensure that it remains in adherence to laws, any significant business

changes, and any suggestions and opinions from other organizations. The company shall announce, and review amended policies thoroughly before implementing all the changes.

 

15. Contact Information

If you have questions or require further information concerning the protection of your personal data, the collection, use, or disclosure of personal data, exercise your rights or suggestions, please contact;

 

Address:                   Amada (Thailand) Co., Ltd.

                                 Asia Industrial Estate Suvarnabhumi (AIES)

                                 88/41 Moo 4, Khlongsuan, Bangbo, Samutprakarn 10560

Tel:                           66 (0)2 170 5900

Data Controller:      Ms. Chanjira Chanbua

Email:                      info@amada.co.th

 

 

Announced on 1st August 2023

 

 

 Mr. Shuichi Kojima

(Managing Director)