The Company realizes the importance of personal data collection and use. And, to ensure that your personal
by the Company will be safe in pursuance of the standard as stipulated in Personal Data Protection Act B.E. 2562 (2019),
the Company therefore prescribes policy and measure of personal data protection as follows:
“Personal Data” means any information relating to a person, which enables the identification of such
person, whether directly or indirectly, but not including the information of the deceased Persons in
particular. “Sensitive Personal Data” means data that needs to be collected and processed carefully such
as personal data relating to racial, ethnic origin, political opinions, cult, religious or philosophical
beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic
data, biometric data, etc.
“The Company” means KWI Public Company Limited and its affiliates.
“User” means a natural person or a juristic person who is the data subject and contacts with the Company or accesses to the Information System of the Company.
“Data Controller” means the Company and the Company’s affiliates, as a person having the power and duties to make decisions regarding the collection, use, or disclosure of the personal data, including a person or a juristic person whom the Company assigned to have such power and duties.
“Process” means any operation in relation to the use, disclosure, or correction of User’s Personal Data, whatever method, including transmission and transfer of Personal Data used for business operation. “Information System” means computer system, communication network system, network system connecting to internet system, data storage system, E-mail system, all types of communication system, communication device information, computer device and peripheral device or any relating device which is the ownership of the Company and/or the Company’s affiliates.
Type of Collected Information
The Company will collect your personal data by classifying type of data as the following:
1.“Identification Data” includes name, surname, address, contact address, telephone number, e-mail, date/month/year of birth, gender, credit card number, etc.
3.“Usage Data” includes web pages that you visit, access time and date, referring website address, goods and services or information you searched for in platforms, information about what you have searched for or looked at while using website, etc.
4.“Contact and Communication Data” includes e-mail, record of conversation, any information given to the Company.
Sources of Personal Data
1.The Company receives your personal data directly from you through the following channels:
• registration through the Company’s website or application
• query with the Company relating to your interested project
• making an appointment with the Company or providing information to the Company when you visit the project site
• making a survey or correspondence e-mail between you and the Company
• participation in any activities or any actions through an electronic platform or a social network or an offline platform
2.The Company receives your personal data from a third party that collects, uses, or discloses your personal data as instructed by the Company or on
behalf of the Company. Your personal data will not be used other than the purposes for which the Company instruct or require such third party to do.
And, the Company require such third party to protect confidentiality of your personal data and to have measures to protect your personal data as
required by the personal data protection law.
3.The Company receives your personal data from cookies when you visit the Company’s website. This data helps us provide you better, faster, safer
services and for your own privacy when you use the service and / or enter the platform.
Purpose of Collection and Use of Personal Data
Personal data collected by the Company will be used within purpose and as necessary for any operation which is the Company’s interests so that the Company is able to provide better, faster, easier, and more efficient services along with your security and privacy upon receiving service and/or getting into platform. Thus, the Company summarizes purposes of data use by classifying as the following data:
Personal Data Process
Upon receiving your Personal Data, the Company will proceed as follows:
1.Collect with having record in computer system such as setting up the server;
2.Use your Personal Data for the Company’s operation under purpose;
3.Disclose the data to staff, under employment contract of the Company, who is responsible for the matter relating data, publish on the Company’s platform or social network for advertisement, also, maybe transmit your Personal Data to credit information unit for inspection and maybe use the result from such inspection for fraud protection.
Retention Policy and Retention Period of Personal Data
The Company collect your personal data in the Company’s information system and provide standard security
to keep the Company’s information systems and the use of your personal data secure with following
• Restrict access to personal data which may be accessed by employees, agents, contractors and other third parties. They can only access your personal data on the Company’s instructions, and they are subject to a duty of confidentiality and protection of personal data.
• Provide technological methods to prevent unauthorized access to computer systems.
• Destroy your personal data for security purposes when such information is no longer needed for legal and business purposes.
• Put in place procedures to deal with any suspected personal data breach and will notify a regulator of a breach where the Company are legally required to do so. Retention period of personal data
• The Company will keep your personal data for as long as necessary to fulfil the purposes the Company collected it for, including to satisfy any legal, accounting, or reporting requirements.
• To determine the appropriate retention period for personal data, the Company consider the amount, nature, purpose and sensitivity of the personal data, the potential risk of harm from unauthorized use of your personal data, and the applicable legal requirements.
• The Company collect your personal data obtained from cookies when you use the Company’s website. The Company will keep your personal data for no more than 13 months or as required by relevant laws.
Right of Data Subject
You, as data subject, have the right to proceed as follows:
1.The right to withdraw consent: you shall have the right to withdraw your consent, at any time, in processing personal data which you give the Company consent throughout the duration that your personal data is with the Company.
2.The right of access: you shall have the right to access to your personal data and request the company for a copy of your personal data, including request the Company to disclose personal data acquisition that you did not give us consent to.
3.The right to rectification: you shall have the right to request the Company for rectification of inaccurate or incomplete personal data.
4.The right to erasure: you shall have the right to request the Company for erasure of your personal data.
5.The right to restriction of processing: shall have the right to restrict processing your personal data.
6.The right to data portability: you shall have the right to transmit your personal data provided to the Company to another data controller or to yourself.
7.The right to object: you shall have the right to object, at any time, to processing of your personal data. You can contact the DPO or The Company’s
staff in order to proceed with the request to exercise the above rights.
Marketing Activities and Promotion
The Company may bring your personal data to use for sending news and information relating to market activities and promotion of marketing, products, and services of the Company which the Company sees that you may be interested and maybe useful for you, and the Company will carry on only the case that you expressly consent the Company which the Company has already informed you the purpose about use of your data. In case you have consented the Company, you can withdraw your consent on marketing with the Company at any time through the Company’s opt-out system. The company will withdraw your consent after got your withdrawal intent via e-mail or opt-out system within fifteen days (15) from notified date, in this regard the company will immediately confirm the action resulted once the withdrawal of consent is done.
Cookies are tracking information placed on your computer by the web server. After cookies are placed on
your computer, cookies will store or memorize the information of the users until the users close the
information about the websites that you have visited or browsed through.
Security of Personal Data
The Company has created capable personal data protection system to protect from being publicized and infringement or being unlawfully used. The Company also emphasizes capability of both technology and performer.
KWI Public Company Limited
Contact Address: Empire Tower No. 1, 47th Floor, South Sathorn Road, Yannawa, Sathorn, Bangkok 10120
Tel: (662) 129-5999