Thai Hospital Products Co., Ltd. (Hereinafter referred to as the “Company”) respects the right to privacy and attaches importance to the protection of personal data in connection with or transacting with the Company. Therefore, this privacy protection policy has been established to have rules, mechanisms, and regulatory measures and the management of personal information clearly and appropriately as follows:
2.1. “Personal Data” means information about an individual by which an individual can be identified whether directly or indirectly but does not include the information of the deceased in particular.
2.2. “Sensitive Personal Data” means information that is truly personal to an individual. But they are sensitive and may risk unfair discrimination such as race, ethnicity, political opinions, cult religion or philosophy sexual behavior criminal records, health information, disability, trade union information genetic information, biological information or any other information which affects the owner of personal data in the same way as announced by the Personal Data Protection Committee.
2.3. “Processing” means the processing, use, disclosure, deletion or destruction of personal data.
2.4. “Personal Data Subject” means an individual who is the owner of the Personal Data from which the Personal Data can be identified whether directly or indirectly
2.5. “Personal Data Controller” means a person or juristic person who has the authority to make decisions about the collection, use or disclosure of personal data.
2.6. “Personal Data Processor” means an individual or a juristic person who undertakes the collection, use or disclosure of personal data on the order or on behalf of the Company which do so is not a controller of personal data.
3. Collection of personal information
3.1. The Company will collect personal data for the purpose, scope and use lawful and fair methods. The collection will be done only to the extent necessary for the operation of the company's objectives.
3.2. The Company will provide the data subject with an electronic consent or according to the company's method cases in which sensitive personal data of the data subject is stored that the company will expressly obtain consent from the data subject prior to collection. Unless the collection of personal data and sensitive personal data is subject to exceptions as specified by the Personal Data Protection Act B.E. 2562 or other laws.
4. Purposes for collecting or using personal data
4.1. The Company will collect, collect or use the personal information of the data subject for the benefit of the Company's operations or to improve the quality of operations to be more efficient or to comply with the laws or regulations relevant to the Company's operations. The Company will store and use such information only for the period necessary for the purposes for which the data owner has been notified or as required by law.
4.2. The Company will not take any action different from those stated in the purpose of collection, unless
(1) Notifying the new purpose to the data subject and obtaining the consent of the data subject.
(2) It is in compliance with the Personal Data Protection Act or other relevant laws.
5. Disclosure of personal data
5.1. The Company will not disclose the data subject's personal data to any person without consent and will disclose it for the stated purpose.
5.2. The Company may have a need to disclose the personal information of the data subject to the Company, affiliates or other people both domestically and internationally for the benefit of the Company's operations and providing services to data subjects by disclosing personal information to such persons, the Company will ensure that such persons keep their personal information confidential and not use it for any purpose other than the scope specified by the Company.
5.3. The Company may disclose personal data of the information subject under the rules prescribed by law, such as disclosing personal information to government agencies government agency regulators including in the event of a request to disclose information by virtue of law.
6. Personal data Security
6.1. The Company will provide measures to maintain the security of personal data that are appropriate and consistent with the laws, policies, regulations, requirements and practices on personal data protection for the Company's employees and other related persons.
7. Participation or Right of the Access and/or Change of Personal Data
7.1. The right to request access and obtain a copy of personal data relating to you or requesting to disclose the acquisition of such personal data that you did not give consent.
7.2. The right to object to the collection, use or disclosure of personal information.
7.3. The Right to request removal or destruction or make personal information non-identifiable information to the person who owns the personal information.
7.4. The Right to request to suspend the use of personal data.
7.5. The right to withdraw consent to the processing of personal data for which consent has been given. The revocation of consent shall not affect the collection, use or disclosure of personal data for which consent has been given.
7.6. The right to rectification of personal data.
7.7. The right to transfer personal data.
8. The Amendment of Personal Data Policy
The Company may update or amend this Policy from time to time to comply with legal requirements changes in the Company's Operations including suggestions and opinions from various departments. The company will clearly announce the changes for your acknowledgment.