Definition

“Personal Data” means any information relating to a person, which enables the identification of such person, whether directly or indirectly, but not including the information of the deceased Persons in particular. “Sensitive Personal Data” means data that needs to be collected and processed carefully such as personal data relating to racial, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data, biometric data, etc.
“The Company” means KWI Public Company Limited and its affiliates.
“User” means a natural person or a juristic person who is the data subject and contacts with the Company or accesses to the Information System of the Company.
“Data Controller” means the Company and the Company’s affiliates, as a person having the power and duties to make decisions regarding the collection, use, or disclosure of the personal data, including a person or a juristic person whom the Company assigned to have such power and duties.
“Process” means any operation in relation to the use, disclosure, or correction of User’s Personal Data, whatever method, including transmission and transfer of Personal Data used for business operation. “Information System” means computer system, communication network system, network system connecting to internet system, data storage system, E-mail system, all types of communication system, communication device information, computer device and peripheral device or any relating device which is the ownership of the Company and/or the Company’s affiliates.

Type of Collected Information

The Company will collect your personal data by classifying type of data as the following:
1.“Identification Data” includes name, surname, address, contact address, telephone number, e-mail, date/month/year of birth, gender, credit card number, etc.
2.“System Data” includes the information that the Company automatically collect upon your log-in into the Company’s website whether through the use of cookies, web beacons, log files, scripts, including technical data such as IP Address, browser type and version, time zone setting and location, domain, operation system, etc.
3.“Usage Data” includes web pages that you visit, access time and date, referring website address, goods and services or information you searched for in platforms, information about what you have searched for or looked at while using website, etc.
4.“Contact and Communication Data” includes e-mail, record of conversation, any information given to the Company.

Sources of Personal Data

1.The Company receives your personal data directly from you through the following channels:
• registration through the Company’s website or application
• query with the Company relating to your interested project
• making an appointment with the Company or providing information to the Company when you visit the project site
• making a survey or correspondence e-mail between you and the Company
• participation in any activities or any actions through an electronic platform or a social network or an offline platform
2.The Company receives your personal data from a third party that collects, uses, or discloses your personal data as instructed by the Company or on
behalf of the Company. Your personal data will not be used other than the purposes for which the Company instruct or require such third party to do.
And, the Company require such third party to protect confidentiality of your personal data and to have measures to protect your personal data as
required by the personal data protection law.
3.The Company receives your personal data from cookies when you visit the Company’s website. This data helps us provide you better, faster, safer
services and for your own privacy when you use the service and / or enter the platform.

Purpose of Collection and Use of Personal Data

Personal data collected by the Company will be used within purpose and as necessary for any operation which is the Company’s interests so that the Company is able to provide better, faster, easier, and more efficient services along with your security and privacy upon receiving service and/or getting into platform. Thus, the Company summarizes purposes of data use by classifying as the following data:

Personal Data Process

Upon receiving your Personal Data, the Company will proceed as follows:
1.Collect with having record in computer system such as setting up the server;
2.Use your Personal Data for the Company’s operation under purpose;
3.Disclose the data to staff, under employment contract of the Company, who is responsible for the matter relating data, publish on the Company’s platform or social network for advertisement, also, maybe transmit your Personal Data to credit information unit for inspection and maybe use the result from such inspection for fraud protection.

Retention Policy and Retention Period of Personal Data

The Company collect your personal data in the Company’s information system and provide standard security to keep the Company’s information systems and the use of your personal data secure with following measures:
• Restrict access to personal data which may be accessed by employees, agents, contractors and other third parties. They can only access your personal data on the Company’s instructions, and they are subject to a duty of confidentiality and protection of personal data.
• Provide technological methods to prevent unauthorized access to computer systems.
• Destroy your personal data for security purposes when such information is no longer needed for legal and business purposes.
• Put in place procedures to deal with any suspected personal data breach and will notify a regulator of a breach where the Company are legally required to do so. Retention period of personal data
• The Company will keep your personal data for as long as necessary to fulfil the purposes the Company collected it for, including to satisfy any legal, accounting, or reporting requirements.
• To determine the appropriate retention period for personal data, the Company consider the amount, nature, purpose and sensitivity of the personal data, the potential risk of harm from unauthorized use of your personal data, and the applicable legal requirements.
• The Company collect your personal data obtained from cookies when you use the Company’s website. The Company will keep your personal data for no more than 13 months or as required by relevant laws.

Right of Data Subject

You, as data subject, have the right to proceed as follows:
1.The right to withdraw consent: you shall have the right to withdraw your consent, at any time, in processing personal data which you give the Company consent throughout the duration that your personal data is with the Company.
2.The right of access: you shall have the right to access to your personal data and request the company for a copy of your personal data, including request the Company to disclose personal data acquisition that you did not give us consent to.
3.The right to rectification: you shall have the right to request the Company for rectification of inaccurate or incomplete personal data.
4.The right to erasure: you shall have the right to request the Company for erasure of your personal data.
5.The right to restriction of processing: shall have the right to restrict processing your personal data.
6.The right to data portability: you shall have the right to transmit your personal data provided to the Company to another data controller or to yourself.
7.The right to object: you shall have the right to object, at any time, to processing of your personal data. You can contact the DPO or The Company’s
staff in order to proceed with the request to exercise the above rights.

Marketing Activities and Promotion

The Company may bring your personal data to use for sending news and information relating to market activities and promotion of marketing, products, and services of the Company which the Company sees that you may be interested and maybe useful for you, and the Company will carry on only the case that you expressly consent the Company which the Company has already informed you the purpose about use of your data. In case you have consented the Company, you can withdraw your consent on marketing with the Company at any time through the Company’s opt-out system. The company will withdraw your consent after got your withdrawal intent via e-mail or opt-out system within fifteen days (15) from notified date, in this regard the company will immediately confirm the action resulted once the withdrawal of consent is done.

Cookies Policy

Cookies are tracking information placed on your computer by the web server. After cookies are placed on your computer, cookies will store or memorize the information of the users until the users close the browsers or until the users delete or reject cookies. However, if you choose to use cookies, you will find it more convenient to navigate through the site easily because cookies will help store the information about the websites that you have visited or browsed through.

The Company will collect data of website visit from every visitor through cookies or similar technology, and the Company will use cookies for developing efficiency to access the Company’s service via internet, including efficiency to use the Company’s service via internet.

Privacy Policy of Other Websites

This Privacy Policy is used for the Company’s service and the Company’s website use only. If you click on a link to another website (although via the Company’s website), you will have to study and comply with the privacy policy displayed on that website separate from the Company’s website.

Security of Personal Data

The Company has created capable personal data protection system to protect from being publicized and infringement or being unlawfully used. The Company also emphasizes capability of both technology and performer.

Change of Privacy Policy

The Company will check efficiency and review the Company’s privacy policy regularly in order to be consistent with practice and law. In case of changing privacy policy, it will be announced and published on the Company’s website or other platforms.

Contact

The Company will check efficiency and review the Company’s privacy policy regularly in order to be
KWI Public Company Limited
Contact Address: Empire Tower No. 1, 47th Floor, South Sathorn Road, Yannawa, Sathorn, Bangkok 10120
Tel: (662) 129-5999
E-mail: info-kwi@kwiasia.com