Mono Next Public Company Limited and Subsidiary Companies (“Company”) have conducted this Personal Data Protection Policy to describe the process of Personal Data management and other rights of customers concerning Personal Data Protection Policy of the Company. Details of this policy are as follows:
Company and subsidiaries means Mono Next Public Company Limited and subsidiary companies under Mono Next Public Company Limited.
Personal Data means any information relating to a person, which enables the identification of such person, whether directly or indirectly, but not including the information of the deceased persons in particular.
Data Owner means the person that the data refers to, not the person who has the ownership of the data, the creator, or the collector of such .
- Types of Personal Data and Situations Where Personal Data are Collected
Types of Personal Data which the Company collects about you include:
- Contact information such as name, address, telephone number, and email address
- Housing information such as household size, type of home, and living conditions
- Billing information such as billing address and credit card information
- Unique information such as ID or passport number, photograph, contact preferences, and date of birth
- Details of any membership that you have with the Company
- Details of your visits to the Website such as traffic data, location data, and the resources that you access on the Website
- Your transaction history
Access to Personal Data: The Company may access your Personal Data from 2 channels.
– Directly from you. The Company collects Personal Data during the provision of services including:
– Submission of application for any services or application for any privileges
– Your consensual agreement when filling out surveys, email enquiries, or other communication channels between you and the Company
– Your browser’s cookies when accessing the Website
– From the third parties in the following case:
– The third parties disclose Personal Data by means or through different channels, for example, email, telephone, written letters, or documents.
- Objectives of Personal Data Collection, Storage, and Processing
3.1 The Company shall collect, store, and process your Personal Data once obtained your consent which shall be given through one of the following means:
- Agreements or application forms
- The Company’s website
3.2 The Company shall process Personal Data for the purpose of our business:
- For the benefit of the customer
- For the preparation of the database and the use of your data to improve service quality
- For the preparation of the database and the use of your data to offer services and/or privileges based on customers’ interest
- For the preparation of the database and the use of your data to prepare for promotional campaigns or any Company activities etc.
3.3 The Company shall collect Personal Data directly from customers as necessary for providing the appropriate services according to lawful purpose.
The Company shall retain your Personal Data for a period of time required solely for the purposes mentioned previously.
- Restriction of Use and/or Disclose Personal Data
The Company shall disclose your Personal Data in accordance with your consent. Personal Data shall be used solely for the purpose of the Company’s business. The Company shall supervise our employees, officers, or operating staffs, from using and/or disclosing your Personal Data in any way other than the purpose of the Company’s business or to a third party except:
- In compliance with legal obligation such as Personal Data Protection Act, Electronic Transaction Act, Telecommunication Business Act, Anti-Money Laundering Act, Civil and Commercial Act, Criminal Act, etc.
- For the purpose of investigation of the inquiry authorities or adjudication of a competent court
- For the necessity to prevent or to avoid danger to a person’s life, body, or health
- For the necessity to fulfill a contract to which the Data Owner is a party, or to proceed the request of the Data Owner prior entering a contract
- Measures to Secure Personal Data and Period of Data Retention
Measures to secure Personal Data
- The Company shall arrange for access levels to Personal Data and periodic change of password of employees accessing and using data in order to maintain the security of Personal Data.
- The Company shall arrange for measures to ensure information security according to risk from technological development. The measures are as follows:
- Maintaining the security of area, department, and personnel by secure recruiting, segregation duty, providing proper training, and assigning the proper role for employees; moreover, all employees shall bound by a non-disclosure of news and information agreement
- Maintaining the information security of Personal Data by classifying confidential data, proper handling confidential data, and managing hard copy document
- Maintaining the security of communication and communication networks by controlling the access to communication network systems, providing backup and recovery of data, checking the accuracy of in-transit data, and controlling remote access to IT systems
- The Company may use the information service provided by third party service providers in order to process the storage of Personal Data. The service providers must have security measures and must not collect, use, or disclose Personal Data other than stipulated by the Company.
Retention period of Personal Data such as name, address, location, contact number, email address, and other information shall be kept until you request to erase the data.
- Your Rights
- 6.1 Limiting the data you provide to the Company
If the Company asks you for Personal Data that you do not want to provide, please inform us and we shall try to continue without it. Nevertheless, it might not be possible for the Company to provide the products or services that you are seeking. Lacking Personal Data may also result in your inconvenience when the Company is providing such products or services.
- 6.2 Withdrawing consent and opting out of receiving marketing messages
Where the Company has obtained your consent to process your Personal Data, you may withdraw your consent at any time. You can do this by notifying us in writing (which includes email).
- 6.3 Data accuracy
The Company takes steps to ensure that the Personal Data we collect is accurate, up-to-date, and complete. This includes updating the data. If you would like to change it, you may login to your account and amend the details in profile section. Alternatively, you can notify the Company about any changes in writing (which includes email).
- 6.4 Access to Personal Data
You can request the Company to provide you with a copy of your Personal Data or data that refers to you if such data is in our possession or under our control. The Company shall also provide you the information about the ways in which we have or may have used or disclosed it within the previous 12 months.
The Company reserves the right to charge a fee for access to your Personal Data in response to your request. The Company shall notify you of the amount of the fee before fulfilling your request.
- 6.5 Correction of Personal Data
You can request the Company to correct on error or omission in your Personal Data or data that refers to you if such data is in our possession or under our control.
Complainants or customers may complain on infringement of Personal Data and right to privacy in accordance with the complaint regulations as specified by the Company.
- Personal Data Protection Policy of Other Websites
This Personal Data Protection Policy is specifically applicable to the services of the Company and the usage of the Website. If you link to other websites (including using the Website as the access channel), you must perceive and follow the Personal Data Protection Policy of those websites separately from the Personal Data Protection Policy of the Company.
- Updates on Personal Data Protection Policy
You are deemed to have acknowledged and agreed to any amended version of this Personal Data Protection Policy if you continue to use the Website after the changes have taken place. As such, you are encouraged to visit the Website from time to time to ensure that you are well informed of the Company’s latest policies in relation to personal data protection.
- Contact Information
Responsible Person : Data Protection Officer
Contact Address : No. 29/9, Village No. 4, Chaiyaphruek Road, Bang Phlap
Sub-district, Pak Kret District, Nonthaburi 11120, Thailand.
Contact No. : +66 2100 8100
Email Address : firstname.lastname@example.org