We may amend or change this Privacy Policy at any time we deem necessary with or without notice, so we suggest you read this Privacy Policy every time before doing any transaction with us. We will also provide additional notice of significant updates to this Privacy Policy.
3. To whom we may disclose or transfer your Personal Data We may disclose or transfer your Personal Data to the following third parties who collect, use and/or disclose Personal Data in accordance with the purposes under this Privacy Policy. These third parties may be located in Thailand or outside of Thailand. You can visit their privacy policies to learn more on how they collect, use, and/or disclose your Personal Data as you are also subject to their privacy policies.
3.1 Siam Piwat Group
As Siam Piwat Company Limited is part of Siam Piwat Group which all collaborate and partially offer services, products, and systems to customers, including website-related services and systems, we may need to transfer your Personal Data to, or otherwise allow access to such Personal Data, by other companies within Siam Piwat Group for the purposes set out in this Privacy Policy. This will allow other companies in Siam Piwat Group to rely on consent obtained from the Company as well. Nevertheless, we will protect your information and disclose your Personal Data to provide interests to you from receiving services from Siam Piwat Group.
3.2 Our service providersWe may use other companies, agents, or contractors to perform services on behalf of the Company or to assist with the provision of products and services to you. We may share your Personal Data to our service providers or third-party suppliers, including, but not limited to (1) bank and financial institution; (2) logistic and courier service providers; (3) marketing, advertising media, and communications agencies; (4) event organizers; (5) telecommunications and communication service providers; (6) outsourced administrative service providers; (7) data storage and cloud service providers; (8) insurance company; (9) risk management service provider; (10) travel agencies; (11) building renovator; (12) gift card issuance service provider; and/or (13) internet, software, digital media, IT system service providers, and IT support company.
In the course of providing such services, the service providers may have access to your Personal Data. However, we will only provide our service providers with the Personal Data that is necessary for them to perform the services, and we ask them not to use your information for any other purposes. We will ensure the service providers we work with will comply with the requirements under the data protection laws.
3.3 Our business partners
We may transfer your Personal Data to our business partners. We may cooperate with our business partners (e.g., shop tenants, rewarding program partners, credit card partners), whom we may jointly offer products or services, or whose products or services may be offered to you.
3.4 Third party sites We may have advertisements which link to the other websites, mobile applications, social networking sites, online communication channels and such website, mobile application, social networking site, online communication channel may have its own terms of use or policy related to the use of the service and privacy policy which differ from the Company’s Privacy Policy and terms of use. We suggest you review such terms of use or privacy policy of such website personally.
3.5 Third parties required by law
In certain circumstances, we may be required to disclose or share your Personal Data in order to comply with legal or regulatory obligations. This includes any law enforcement agency, court, regulator, government authority or other third parties where we believe it is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights, the rights of any third party or individuals’ personal safety, or to detect, prevent, or otherwise address fraud, security, or safety issues.
3.6 Professional advisors This includes legal consultants, auditors or other consultants who assist in running our business, and the defending or bringing of any legal claims.
3.7 Assignee of rights and/or obligations Third parties as our assignee, in the event of any reorganization, merger, business transfer, whether in whole or in part, will comply with this Privacy Policy to respect your Personal Data.
3.8 Other third parties We may disclose Personal Data under legal bases for the purposes specified in this Privacy Policy to other third parties, such as, individuals, complainants, or any third party who requests to obtain the information from the CCTV records, etc. as the case may be.
4. The collection of the Personal Data of Siam Gift Card’s customersWe may collect your Personal Data from the business provider who is licensed to undertake the electronic payment services for the issuance of electronic gift card under “Siam Gift Card”, for the purposes of providing electronic gift card services, including the communications, marketing, provision of privileges to you, and other purposes under this Privacy Policy. We will request your consent where it is required by law.
5. International transfers of your Personal Data We may disclose or transfer your Personal Data to third parties or servers located overseas, which the destination countries may or may not have the same data protection standards. We take steps and measures to ensure that your Personal Data is securely transferred and that the receiving parties have in place suitable data protection standards or other derogations as allowed by laws. We will request your consent where consent to cross-border transfer is required by law.
6. How long do we keep your Personal Data We shall retain your Personal Data for as long as is reasonably necessary to fulfil the purpose for which we obtained it, and to comply with our legal and regulatory obligations. However, we may have to retain your Personal Data for a longer duration, as required by applicable law.
7. Cookies and cache file and how they are used
If you visit our websites and applications, we will track, collect, and record certain Personal Data by using cookies or other tracking technology. For the applications, cookies will start tracking when you log into the applications, where cookies will remember you and keep you logged in with your username and password every time you use the application unless you log out. In case we have no control over cookies, we will not collect information from cookies or access to cookies.
We shall use a cache data to record your data. In case you use other devices to connect with our websites or applications, your data may be stored and recorded in form of a cache file, or the part of your data might be duplicated on the computer or mobile device for using next time, provided that we have no control related to the data or access of the cache file.
8. Your rights as a data subject Subject to applicable laws and exceptions thereof, you may have the following rights to:
|
1) Right to access:
You may have the right to access or request a copy of the Personal Data we are collecting, using, and/or disclosing about you. For your own privacy and security, we may require you to prove your identity before providing the requested information to you.
|
|
2) Right to rectification: You may have the right to have incomplete, inaccurate, misleading, or or not up-to-date Personal Data that we collect, use, and disclose about you rectified.
|
|
3) Right to data portability:
You may have the right to obtain Personal Data we hold about you, in a structured, electronic format, and to send or transfer such Personal Data to another data controller, provided, that (a) such Personal Data shall be Personal Data you have provided to us, and (b) we have obtained your consent for collecting, using, and/or disclosing such Personal Data, or for performing our contract with you.
|
|
4) Right to objection:
You may have the right to object to certain collection, use, and/or disclosure of your Personal Data, such as objecting to direct marketing.
|
|
5) Right to restriction:
You may have the right to restrict the use of your Personal Data in certain circumstances.
|
|
6) Right to withdraw consent:
For the purposes you have consented to our collecting, using, and disclosing of your Personal Data, you have the right to withdraw your consent at any time.
|
|
7) Right to deletion: You may have the right to request that we delete or de-identity Personal Data that we collect, use, and disclose about you. However, we are not obligated to do so if we need to retain such data in order to comply with legal obligations or to establish, exercise, or defend legal claims.
|
|
8) Right to lodge a complaint:
You may have the right to lodge a complaint to the competent authority where you believe our collection, use, and/or disclosure of your Personal Data is unlawful or noncompliant with applicable data protection law.
|
9. Security Measures We maintain appropriate security measures for Personal Data, which cover administrative, technical and physical safeguards in relation to access control to protect the confidentiality, integrity, and availability of Personal Data against any accidental loss or unlawful or unauthorized access, use, alteration, correction or disclosure of Personal Data, in compliance with the applicable laws.
We have implemented measures on controlling access and use of devices for storing and processing Personal Data which are secured and suitable for our collection, use and disclosure of Personal Data. We also have measures on restricting access to Personal Data and the use of storage and processing equipment by imposing users’ access rights, users’ permission rights to the authorized personnel, and users’ duties and responsibilities to prevent unauthorized access, disclosure, perception or unlawful duplication of Personal Data, or theft of device used to store and process Personal Data. This includes measures on the re-examination in relation to access, alteration, erasure, or transfer of Personal Data which are in accordance with methods and channels used to collect, use or disclose Personal Data.
10. Our Contact Details If you wish to contact us to exercise the rights relating to your Personal Data or if you have any queries about your Personal Data under this Privacy Policy, please contact us or our Data Protection Officer at:
|
● Siam Piwat Company Limited ● No. 989, Siam Piwat Tower, Rama 1 Road, Pathumwan, Bangkok 10330 ● Contact Number: 02-610-8333 ● E-mail: dpoteam@siampiwat.com
|