Privacy Policy_en
Privacy Policy
Tokyo Enesys (Thailand) Co., Ltd.
According to the Personal Data Protection Act B.E. 2562, the collection, usage or disclosure of personal data and the rights of the data subject must comply with the law. The Company, as a data controller, has therefore established this privacy policy to use as a guideline with the following important contents:
1. Definition
“Policy” means this Privacy Policy, including the revised version and later promulgated.
“Company” means Tokyo Enesys (Thailand) Co., Ltd.
“Personal Data” means any data about an individual that enables that person to be identified either directly or indirectly such as name, surname, email address, telephone number, photo, etc., but does not include deceased data or organization.
“Sensitive Personal Data” means personal data about race, ethnicity, political opinion, cult, religion or philosophy, sexual behavior, criminal records, health data, disability, trade union data, genetic data, biological data or any other data which affects the data subject.
“Data Subject” means the person (s) identified by the Personal Data.
“Data Controller” means an individual or organization having the authority to make decisions about the collection, usage or disclosure of Personal Data.
2. Scope of Policy
This policy is applicable to the data subject such as business partners, employees, executives and the Board of Directors and/or any person who discloses personal data to the Company, including those who have activities related to personal data with the Company.
3. Sources of Personal Data
3.1 The data that the data subject directly gives to the company by communication.
3.2 The Personal data received by the Company or accessible from other sources. The Company will collect personal data from other sources only with the consent of the data subject as required by law, unless otherwise exempted by law. The Company will notify the data subject within 30 days from the date of collection.
The Company will collect, usage and/or disclose personal data to be accurate, complete, up-to-date and will collect, usage and/or disclose sensitive personal data only when the Company has obtained the express consent of data subject. Unless otherwise exempted by law.
4. Purposes for collection, usage and disclosure of personal data
4.1 For the Company’s business operations such as contracting, procurement, production, distribution, transportation, financial transactions, satisfaction survey, etc.
4.2 For human resource management such as job recruitment, employment, health insurance, social security, compensation fund, provident fund, security, occupational health care, etc.
4.3 To comply with the conditions, requirements, the rights under the contract and/or as required by law.
4.4 To comply with various policies, procedure, requirements, regulations of the company, etc.
4.5 For any other operations such as data of the Company’s directors, Shareholder, etc.
The company will collect and use such data only for as long as necessary for the purposes for which the data subject has been notified or as required by law. The Company will not do anything different from that stated in the purpose of collecting the data unless:
(1) Notify the new purpose to the data subject and obtain the consent of the data subject.
(2) It is in compliance with the Personal Data Protection Act or other relevant laws.
Consent
(1) It must be made expressly in writing or made through an electronic system, except under the condition that consent cannot be obtained by such means.
(2) Must notify the purpose of collection, usage or disclosure of personal data.
(3) Consent is to be separated from other statements for clarity and comprehension.
5. Period for retention of personal data
The Company will retain personal data for the period as necessary to achieve the purposes set by the company and/or retain as required by law in consideration of the necessity of each type of data. The Company will destroy or delete personal data after the expiration of such period by proper method.
6. Security of personal data
The Company has established the security measures of personal data as follows:
6.1 Determine the right to access, use, disclose personal data. This includes showing or verifying the person who accesses or uses personal data strictly according to the Company’s regulations.
6.2 Sending and/or transferring personal data abroad including the usage of personal data to retain on a database in any other system which the company that receives the data transfer or data storage service is abroad. The destination country where personal data is retained must have adequate personal data protection measures.
6.3 In case of personal data breach, the company will notify the data subject within 72 hours after the incidence, including informing the plan to remedy the damage from the violation of such rights.
6.4 The Company will arrange to review the security measures of personal data when necessary or when technology changes to provide appropriate security performance, including supporting and encouraging employees to be knowledgeable and aware of their duties and responsibilities in collection, storage, usage and disclosure of the data subject’s personal data.
7. Data subject right
7.1 Right to withdraw consent :
The data subject has the right to revoke the consent that has been given to the Company throughout the period that personal data is still with the Company.
7.2 Right of access :
The data subject has the right to access his/her own personal data and request the company to make a copy of such personal data, including asking the company to disclose the acquisition of personal data that the data subject did not give consent to the company.
7.3 Right to data portability :
The data subject has the right to request the transmission or transfer of his/her personal data provided to the Company to another data controller or to the data subject himself/herself.
7.4 Right to object :
The data subject has the right to object to the collection, usage or disclosure of personal data. If it is found that it is not correct, inappropriate or unfair.
7.5 Right to rectification :
The data subject has the right to request the Company to amend the personal data to make it current, accurate or complete.
7.6 Right to erasure :
The data subject has the right to request the Company to delete or destroy his/her personal data.
7.7 Right to restriction of processing :
The data subject has the right to suspend the usage of his/her personal data or because it is out of necessity.
7.8 Right to complain :
In the event that the company or the Company’s contractor violates or fails to comply with the Personal Data Protection Act B.E. 2562 or announcements issued under this Act.
The Company has no right to refuse the request to exercise the above rights of the data subject. Unless expressly provided by law, the Company has the right not to act as requested.
The data subject can contact to request to exercise his/her rights through the channel specified by the Company.
8. Policy changes
The Company may update the details in relation to this Policy to comply with relevant laws. The Company will notify the data subject by means of an announcement via the Company’s e-mail or other channels as appropriate and various personal data that the company has been stored before this announcement, the company will continue to maintain, process and store in the same way as before.
9. Ways to contact the company
The data subject can contact and submit a request to exercise the above rights. (Contact details appear in the section “Contact Channel” below) The Company will consider and notify the result of request within 30 days from the date the Company receives the request.
However, such rights may be limited in accordance with the rules prescribed by law, and the company will record such request as evidence.
Contact Channel:
Contact Information Center
Tokyo Enesys (Thailand) Co., Ltd.
92 Mu 6 Bangna -Tart road, Thakham, Bangpakong, Chachoengsao 24130 Thailand
Tel : +66 38-086901-4
Fax : +66 38-086905
E-mail: [email protected]
Announced on May 20, 2022.