Terms of Service
Personal Data Protection Policy for a Customer
Personal Data Protection Policy for a Employee
Personal Data Protection Policy for an Applicant
Personal Data Protection Policy for the Suppliers
Personal Data Protection Policy for a Customer
GetLinks (Thailand) Company Limited (the “บริษัทฯ”) is strongly aware of an importance of rights and privacy of a customer, including a natural person who performs on behalf of a juristic person (the “Data Subject”). Therefore, the Company provides this personal data protection policy for the purpose of informing the Data Subject regarding collection, usage and disclosure (the “Processing”) under the personal data management of the Company.
- The Purpose of Personal Data Processing
- For providing the service to the Data Subject in relation to recruitment and any operation which allows the Data Subject to present the resume for accessing to the suitable job position or selecting the job position which interested the Data Subject, or assisting the Data Subject to be chosen in the suitable job position.
- For an execution upon a request of the Data Subject prior to entering into an agreement, or for complying with an agreement, provided that the Data Subject is a party to the Company; for instance, for a purchase of goods and/or service providing to the Data Subject; any performance in accordance with an agreement which the Data Subject is a party; including, goods delivery; finance and accounting management; and any performance which provides goods and/or services as requested by the Data Subject
- For confirmation or authentication of the Data Subject for any operation or communication with the Company; and
- For marketing operation; informing any news and benefits; and information analysis.
- For following up and answering any questions, inquiries or requests of the Data Subject
- Personal Data for Personal Data Processing
- Source of the Personal Data
- Directly collect from the Data Subject; for instance, a collecting of the personal data from filling in the Company’s form; or entering into the Company’s website via cookies.
- Indirectly collect from other sources which is not directly from the Data Subject; for instance, asking for the data from a third party; or searching the personal data through any website. The Company shall notify the
- Data Subject and request a consent from the Data Subject, without delay, within 30 days from the date which the Company collects the personal data from such source.
- Collecting the personal data from a minor, an incompetent person and a quasi-incompetent person, the Company shall take into account of a personal data protection at the highest level as required by laws.
- Types of the Personal Data to be Processed
- Personal Data such as name, surname, identification number;
- Contact Data such as permanent address, current address, telephone number, email and data on any social media platform; and
- Data of an Equipment or Instrument such as IP address Cookie, ID IMEI.
- Usage and Disclosure of the Personal DataThe Company may disclose the personal data, if necessary, for the purpose of complying with the informing Company’s objectives to a third party and/or any other organizations or entities as follows
- Trading partners, business partners of the Company, subsidiary and/or other service providers, including financial institution. Disclosing the personal data to such third party and/or any other organizations or entities, the Company shall manage those mentioned persons to keep the personal data in secret and not to use it for any other purposes rather than the scope set forth by the Company.
- Government sector which has a legal authority according to the laws; for the purpose of complying with the laws, orders, petitions; in order to coordinate with any sectors in relation to the legal compliance.
- Personal Data Collection Period
- The Company shall collect the personal data of the Data Subject for a necessary period for the purpose of the Company’s objective in accordance with a type of the personal data; except, there is a permission by laws providing a period extension for collection. In the event that the personal data collection period cannot be precisely specified, the Company shall collect the personal data for a foreseeable period in accordance with a collection standard. Once such collection period is expired, the Company shall delete or destroy such personal data.
- In the case that the Company uses the personal data of the Data Subject with his consent, the Company shall process such personal data until the Data Subject notifies to cancel such consent and the Company has completely cancellation as requested. In this regard, the Company shall collect necessary part of the personal data for recording a cancellation of such consent by the Data Subject.
- Transferring the Personal Data to a Foreign Country
- The Company may deliver or transfer the personal data of the Data Subject to an affiliated company or any other persons in a foreign country in a necessary case to complete the Company’s objectives which have been informed to the Data Subject.
- In the event of delivering the personal data of the Data Subject to a foreign country, the Company shall comply with the Personal Data Protection Act and use a suitable measure to ensure that the personal data of the Data Subject is protected. The Company shall provide that a person who receives the data shall have a suitable protection measure to protect the personal data of the Data Subject and processes such personal data merely in a necessary manner.
- The Rights of the Data Subject under the LawsThe Data Subject has the rights as follows:
The Data Subject can exercise the rights which provided by law by contacting the Company or the Data Protection Officer in accordance with article 8 and 9 of this policy (the rights can be exercised upon the Personal Data Protection Act has come to effect on the data controller). The Company shall proceed with and consider the complaint in accordance with the rights of the Data Subject within 30 days from the date that the complaint has been received. In this regard, the Company shall reserve the rights to refuse to proceed the Data Subject’s right under the conditions of the laws or under any agreements with the Company.
- Right to Withdraw a ConsentThe Data Subject has the right to withdraw a consent of Processing the personal data which has been given to the Company at all time. In this regard, the withdrawal shall not affect a part of the personal data which has been Processing with lawfully consent given by the Data Subject.
- Right to Access and Request Receive a Copy of the Personal DataThe Data Subject can inform the Company to provide a copy of the personal data and has the right to inform the Company to disclose an acquisition of the personal data where such personal data has been given without the Data Subject’s consent.
- Right to Request Receive to Send or Transfer the Personal DataThe Data Subject can request the Company to send the data to other persons and request to receive the personal data which the Company has sent or transferred to other persons.
- Right to Object Collection, Usage or Disclosure of the Personal DataThe Data Subject can object collection, usage or disclosure of the personal data upon there is no necessity to collect, use and disclose the personal data; or upon a collection, usage or disclosure for a purpose of direct marketing.
- Right to Request for Deleting or Destroying the Personal DataThe Data Subject can request the Company to delete or destroy the personal data upon there is no further necessity of collection; or upon there is an unlawful Processing of the personal data.
- Right to Request for a Usage Suspension of the Personal DataThe Data Subject can inform the Company to suspend the personal data usage during a personal data correctness inspection as requested by the Data Subject for a correctness amending of such data; or as requested to suspend instead of deleting the data.
- Right to Request for an Alteration/Addition of the Personal DataThe Data Subject can request the Company to amend an incorrect, not-up-to-date, misleading personal data and/or to add the incomplete data.
- Right to ComplainThe Data Subject has the right to complain in the event that the Company violates or does not comply with the Personal Data Protection Act or with a declaration issued in accordance with the Personal Data Protection Act.
- Security MeasureThe Company has adopted the technical security standard and appropriate management in order to protect the personal data from an unauthorized accessing usage or disclosure; misusage; loss; destruction, by using the appropriate standard for security such as data level security or access restriction of the personal data, in order to ensure that only an authorized person can access to the personal data of the Data Subject. The Company has provided an appropriate security measure to prevent loss; access; usage; alteration; amendment; disclosure of the personal data from an unauthorized person or a person who is not related to the personal data.
- The Information of the Data Controller (the Company)
GetLinks (Thailand) Company LimitedAddress: 193/36 Lake Rajada Office Complex, Unit 10B, 10th Floor, Ratchadaphisek Road, Klongtoey Sub-district, Klongtoey District, BangkokContact: 02-1266927
- The Information of the Data Protection Officer (DPO)
- The Company reserves the right to make all additions, alterations, improvements to the personal data protection measure to be appropriated in accordance with the Personal Data Protection Act. In the event that there is any amendment, the Company shall inform the Data Subject afterward.