Intellectual Design Group Co., Ltd.

—————————————————————————————————-

We, Intellectual Design Group Co., Ltd, (hereinafter referred to as “Company”) care about the privacy of our clients, (hereinafter referred to as “you”) thus, the Company provide this privacy notice (hereinafter referred to as “Privacy Notice”) to informs you  regarding how the Company handles your Personal Data, such as the collection, use, disclosure or deal with your Personal Data, as well as to notify you of the purposes for such processing including type of Personal Data, the retention period of Personal Data, whom the Personal Data will be disclosed, your rights as a Data Subject, how your Personal Data is kept private and secured, and how to contact the Company. The Company is operates in Thailand, therefore, the processing of your Personal Data shall be in accordance with the Personal Data Protection Law of Thailand.

The Company recommends that you read and understand the following terms under the Privacy Notice:

  1. 1. Definition

Company means Intellectual Design Group Co., Ltd.

You mean the owner of Personal Data which is processed by the company Including but not limited to, website user, customer, vendor, personnel, staff, job applicant and any person relevant to activities or operations of the Company.

Personal Data Protection Law means the Personal Data Protection Act B.E. 2562, and subordinate legislation issued thereunder, and any amendments maybe made in the future.

Personal Data means any information relating to an identified or identifiable person, directly or indirectly, but not including the information of the deceased persons in particular according to the Personal Data Protection Law.

Sensitive Personal Data means Personal Data as specified in Article 26 of the Personal Data Protection Act B.E.2562 such as racial, ethnic origin, political opinion, creed, religious or philosophical beliefs , person’s sex life, criminal records, data concerning health, disability, trade union membership, the processing of genetic data, biometric data, or any other data for the purpose of uniquely identifying a natural person as per an announcement of the Thailand Personal Data Protection Commission.

Processing means any operation of Personal Data, whether or not by automated means, such as collection, recording, copy, alignment, storage, adaptation, alteration, use, retrieval, disclosure, dissemination, transfer, combination, prohibition of access or restriction, erasure or destruction.

Data Subject means the owner of the Personal Data whose data is collected, used or disclosed.

Data controller means an individual or juristic person that has the power and duties to make decisions regarding the collection, use, or disclosure of the Personal Data.

Data processor means an individual or juristic person who operates in relation to the collection, use, or disclosure of the Personal Data pursuant to the orders given by or on behalf of a data controller. Therefore, such an individual or juristic person shall not be the Data controller.

 

  1. 2. Purposes and Lawful Basis for the Processing of Personal Data

The Company processes your Personal Data within the specified purposes under following legal basis:

2.1         Contractual Basis made with the Company

  • For processing your request prior to entering into an agreement, consider for approval in relation to the provision of services, deliver our products and/or services to you, and deal with all matters relating to providing services.
  • For managing your account including arranging shipments of products, billing, confirmation of outstanding debt, delivery of receipts, and providing after-sale service.
  • For the purpose of entering into agreements and other relevant processes, such as checking of evidence for the entry into agreements.
  • For the consideration of their request to apply for a job and enter into the Company’s recruitment process.
  • For the consideration of the job applicant’s request who has passed the interview process and has entered into salary and benefit approval of the employee before entering into an employment contract or other contracts in order to be placed as an employee of the Company.
  • For the entry into an employment contract and other relevant contracts, including undertaking any processes necessary before entering into such contract.
  • For the Company to perform its obligations according to the employment contracts and any other contracts to which such personnel is a contracting party.
  • For the performance of duty or work according to the scope of work specified in the employment contract, employment agreement, appointment contract, or any other contracts to which the personnel have entered into with the Company.
  • For verification of identity as an authorized person in contract signing or exercising any juristic acts on behalf of the Company to which the scope and duty or work within employees’ responsibilities.
  • For the payment of wages, salary, bonus, remuneration and/or any other benefits according to the employment contracts and any other contracts to which such personnel is a contracting party.
  • For the performance according to the employment contract and other contracts which the employees are contracting parties, such as termination of employment, where the employee resigns or retires, and disciplinary punishment record for the employee who violates working rules or regulations.
  • For carrying out the request of such party who has expressed the intention to enter into a sale and service agreement or any agreements regarding to the procurement of the Company.

 

2.2     Consent basis

  • For conduct marketing research and data analysis which include to send news and privileges to you via emails, SMS, applications, social media, telephone, and direct mails, and to conduct survey, interviews and organize projects for our business opportunities.
  • For recording of images and/or voices relating to the meetings, trainings, seminars, recreations or marketing activities held by the Company.
  • For the Company, affiliates and partners to be able to send news and privileges via emails, social media, telephone, or direct mail.
  • For analyze and advertise products/services based on your behavior, or conduct direct marketing campaigns.
  • For the processing of your Personal Data as family members or reference persons of the job applicants will be relying on the consent received from you.
  • For the processing of sensitive Personal Data, such as criminal records, health information and biometric information.
  • For the management of group insurance and other benefits.

2.3     Preventing or suppressing a danger of your or persons life, body, or health basis

  • For the benefit in monitoring, preventing, or suppressing any circumstances which may be dangerous to person’s life, body, or health.

2.4     Company legal obligation basis

  • Compliance with regulatory obligations and/or orders of authorized persons such as orders by any court of competent jurisdiction or of governmental, supervisory or regulatory authorities or authorized officers.
  • For the compliance of laws to fulfil the purpose of labour protection and social security, benefits relating to medical treatment of legal right holder.

2.5     Legitimate interests basis pursued by the Company or by a third party

  • For develop and improve Company’s products and/or services, including systems to enhancement of service standard and/or for the greatest benefits in fulfilling your needs including, conduct customer relationship managements e.g., to serve customers, conduct customer survey, handling customer complaints.
  • For the protection of your security such as access the Company area and/or to register and/or to record CCTV footage and/or deposit identification card.
  • For the collection of Personal Data of prospective employees by the Company’s own initiative, from third parties, such as recruiters via website(s), whereby the prospect employees have not expressed their intention to apply for a job with the Company.
  • For manage Company’s infrastructure, internal control, and business operations and comply with Company’s policies and procedures including those relating to risk control, security, audit, finance and accounting, systems and business continuity.
  • For facilitating an auditor, translation office, translator, agent, related service provider or receive legal advisory services from legal counsel appointed by you or the Company.
  • For maintain and update lists or directories of the customers, and keep contracts and associated documents in which you may be referred.
  • In the event of sale, transfer, merger, reorganization, or similar event, disclose or transfer your Personal Data to one or more third parties related.

To conduct any other activities than abovementioned, the Company may collect additional Personal Data. The Company shall inform and request your consent from time to time.

            Therefore, the details of consent and the impact of consent withdrawal specified in clause 5 of this Privacy Notice.

  1. 3. The Source of Personal Data collected by the Company

3.1     Information collected directly from you when you contact to receive services from the Company, such as fill out a questionnaire, process of issuing quotations and invoices, contract signing, documentation, fill out job applications, interviews, participation in activities, trainings, seminars, meeting including, interaction through Company’s online platform, websites, communication through email, telephone or social media.

3.2     Automatically collect your Personal Data such as the use of Cookies or other similar technologies For more details, please see the Company’s Cookie Policy

3.3     Collect information from other sources, such as recruitment companies or websites (e.g. Linkedin, JobsDB), e-commerce service providers, Department of Provincial Administration, Department of Disease Control, Department of Intellectual Property, and Department of Business Development.

 

  1. 4. Types of Personal Data collected by the Company

Your Personal Data collected and processed by the Company under this Privacy Notice regardless of whether such Personal Data was directly provided by you to the Company or automatically collected from you by the Company, or was provided to the Company by third parties, includes the following:

4.1     Personal information such as title, name, middle name, surname, date of birth, gender, age, education background, Nationality, Marital status, spouse information, beneficiary Information, photo, information as specified in your ID card, passport, a copy of your ID card, copy of passport, house registration, signature etc.

4.2     Contact information such as e-mail, telephone number, address, contact channels on social media, workplace, Line ID, etc.

4.3      Information about your job such as occupation, position, work experience, remuneration, salary, or income etc.

4.4      Information about the purchase of products and/or services such as purchase history, complaints.

4.5      Other information, such as records of interactions and communications between you and the Company in any form or manner, including but not limited to phone calls, emails, text messages, social media communications. and the information you provide to the Company through any channels.

4.6      Information about the electronic device you use such as IP Address, location data, another device identifier, Application Logging, Device ID, etc.

4.7     Sensitive Personal Data such as religious information, race, biometric data (such as facial recognition data, fingerprint recognition data, electronic signature data which uses technology extracting specific behavior of such signing for identification and authentication of the person who writes such signature), criminal record, health information and disability, etc.

  1. 5. Consent obtain and the impact on the service provided if consent is withdrawn

5.1     The Company respects your decision to withdraw consent at any time, unless there is a certain restriction of the withdrawal of consent by law or contract which gives benefit to you.  The withdrawal of consent shall in no way affect the collection, use, disclosure or processing of the Personal Data that you have already and legally given.

6.2     If you wish to withdraw the aforementioned consent, any withdrawal of consent may affect you in terms of usage of products and/or services for some/all purposes set out in this Privacy Policy.

6.3     If you are a minor (under 20 years of age), there must be a consent given by the holder of parental responsibility over the minor.

  1. 6. Retention period of Personal Data

6.1     The Company will retain your Personal Data only for as long as is necessary for the purposes of the Personal Data processing. The Company will retain and use Your Personal Data to the extent necessary to comply with the purposes set out in this Privacy Notice and/or as specified by laws.

6.2     The Company may erase or destroy the Personal Data when it is no longer necessary or when the period lapses. In the event of period lapses, the Company may not notify you of any erase or destroy the Personal Data from our server or system.

6.3     Where the Company process Personal Data with your consent, the Company will process the data until you withdraw your consent and the Company have already implemented your requests. However, the Company will also keep a record of the fact that you have requested the Company not to process your data so that the Company can fulfill your future request.

6.4     In case any dispute arises, the Company will retain and use your Personal Data to the extent necessary to comply with legal obligations until any dispute has an order or a court order.

  1. 7. Disclosure of Your Personal Data

7.1     The Company may disclose your Personal Data to the following parties to the extent permissible under the purposes set out or law; affiliated companies, business partners and/or other persons that the Company have the legal relationship, including our staffs, employees, directors, executives or Company’s person who necessary for the Processing of Personal Data and to provide you services or authorized by you.

7.2      Any not relevant persons, entities and institutes to the Company (hereinafter referred to as “Other Persons”) to comply with the purposes set out in this Privacy Policy e.g. our representatives, third parties providing deliver services, financial service providers ( e.g. financial institutes or payment service providers), cloud and IT services, legal services, consultants, including but not limited to other persons providing services to you, other persons or entities that the Company have a legal relationship or contract relationship, as well as directors, employees, staffs, contractors, representatives, advisors of the Company or such institutions and any processes that comply with the purposes set out in this Privacy Notice.

7.3     Governmental authorities and/or supervisory or regulatory authorities, (e.g. Department of Business Development, Department of Intellectual Property, The Revenue Department, Department of Employment Ministry of Labour, Food and Drug Administration Ministry of Public Health and Immigration Bureau, third parties (in Thailand or elsewhere) related to subpoena, a court order or other legal process or provisions under the laws or regulations of Thailand or in different jurisdictions, other banks, financial institutions and third parties where required by law to help prevent, detect and potentially prohibited or illegal activities protect and enforce policy or terms of the Company.

7.4      Alliances, business partners, service providers, service recipients and data processors which are assigned by the Company to respond, provide service or manage the Personal Data e.g., develops, fixes and maintains the Company’s information technology and network systems or provides you any beneficial services.

7.5      The disclosure of your Personal Data will comply with the purposes set out in this Privacy Notice or other purposes required by law. Where such disclosure shall require your consent, the Company will request a consent from you directly.

7.6      If the Company disclose your Personal Data to other persons, the Company shall determine the security measures for protecting the Personal Data and to keep the information confidential as appropriate under the Personal Data Protection Law.

7.6     The Company will take appropriate security measures for those who receive the Personal Data to ensure adequate data protection in accordance with applicable data protection laws, processing the Personal Data only reasonably necessary for all/any purposes and to prevent of misuse Personal Data.

  1. 8. International transfers of Personal Data

8.1     In the event that your Personal Data is transferred to a foreign country, the Company will proceed to ensure that the company have sent or transferred to the destination country international organization or overseas recipients who have adequate Personal Data protection standards. In some cases, the Company may request your consent for the transfer of your Personal Data to a foreign country. On the basis of adequate safeguards as allowed under Data Protection Laws. The Company may store your Personal Data information on a computer, server, or cloud services provided by a third party, and may use third-party programs, applications and platforms in processing Personal Data. However, the Company will not allow unrelated parties to access into Personal Data and will require such parties to have appropriate security protection measures.

8.2        In the event that your Personal Data is transferred to a foreign country, the Company will comply with applicable Personal Data protection law and take appropriate measures to ensure that your Personal Data is protected and you can exercise your right in accordance with the laws. Moreover, the Company will require those who received the Personal Data to have appropriate protection measures for your Personal Data to process such Personal Data only as necessary and to take steps to prevent unauthorized use or disclosure of your Personal Data.

  1. 9. Data Protection Security Measures

The Company have in place and/or adopt the Personal Data storage systems, which has appropriate mechanism and technique and security standard according to the Personal Data Protection Laws and the relevant regulations, including the limitation of access of your Personal Data by staff, employees and representatives of the Company for the purpose of preventing your Personal Data from the unauthorized usage, disclosure, erasure or access.

 

  1. 10. Rights of Data Subject

As the Data Subject, you have the following rights in relation to your Personal Data, subject to the rules, methods and conditions under the Personal Data Protection Laws as following:

10.1     Right to access and obtain copy

You have the right to access and obtain copy of your Personal Data holding by the Company, unless the Company is entitled to reject your request under the laws or court orders, or if such request will adversely affect the rights and freedoms of other individuals.

10.2    Right to rectification

You have the right to rectify your inaccurate Personal Data and to update your incomplete Personal Data.

10.3    Right to erasure

You have the right to request the Company to delete, destroy or anonymize your Personal Data, unless there are certain circumstances where the Company has the legal grounds to reject your request.

10.4    Right to restrict

You have the right to request the Company to restrict the use of your Personal Data under certain circumstances (e.g. when the Company is pending examination process in accordance with your request to rectify your Personal Data or to object the collection, use or disclosure of your Personal Data, or you request to restrict the use of Personal Data instead of the deletion or destruction of Personal Data which is no longer necessary but you request the Company to restrict it instead as you have necessity to retain it for the purposes of establishment, compliance, exercise or defense of legal claims).

10.5    Right to object the collection, use or disclosure of your Personal Data

You have the right to object the collection, use or disclosure of your Personal Data in case the Company proceed with legitimate interests basis or for the purpose of direct marketing, or for the purpose of scientific, historical or statistic research, unless the Company have legitimate grounds to reject your request (e.g. the Company have compelling legitimate ground to collect, use or disclose your Personal Data, or the collection, use or disclosure of your Personal Data is carried out for the establishment, compliance, or exercise legal claims, or for the reason of our public interests).

10.6     Right to data portability

You have the right to receive your Personal Data in case the Company can arrange such Personal Data to be in the format which is readable or commonly used by ways of automatic tools or equipment, and can be used or disclosed by automated means. Also, you have the right to request us to send or transfer your Personal Data to third party, or to receive your Personal Data which the Company sent or transferred to third party, unless it is impossible to do so because of the technical circumstances, or the Company is entitled to reject your request.

10.7   Right to withdraw consent

You have the right to withdraw your consent that has been given to the Company at any time pursuant to the methods and means prescribed by the Company, unless the nature of consent does not allow such withdrawal. The withdrawal of consent will not affect the lawfulness of the collection, use or disclosure of your Personal Data based on your consent before it was withdrawn.

10.8    Right to lodge a complaint to the Personal Data Protection Commission

In the event that the Company, the Company’s Data Processor, employees, or contractors violate or do not comply with the Personal Data Protection Law.

Therefore, the Company shall consider the right request received and inform you promptly in accordance with your rights under the Personal Data Protection Law. Fill out the Form

  1. 11. Changes to this Privacy Notice

Company may change or update this Privacy Notice from time to time without any prior notice to ensure that it remains in adherence to laws, any significant business changes. The Company will notify you of any important changes through the appropriate channels. However, the Company recommends that you review a Privacy Notice periodically. The new Privacy Notice will be effective immediately on the date of the announcement.

  1. 12. Contact Information

If you have any questions or complaints relating to the use or disclosure of your Personal Data, or if you wish to know more about the Company’s data protection policies and practices, please contact our Data Protection Officer via:

Email:                 dpo@idgthailand.com

Location:         Intellectual Design Group Co., Ltd.

194, 196 Nonthaburi Road, Bang Kraso Sub-District,

Mueang Nonthaburi District, Nonthaburi Province 11000

Phone:                02-0117161 Ext 106-107