Personal Data Protection Policy
Mono Next Public Company Limited realizes the importance in protecting your personal data, therefore, this Personal Data Protection Policy is shaped to inform you, as the data subject, of the Company’s purposes for collecting and using your personal data. The Company is legally obligated to collect, use, and disclose your personal data to the extent necessary and within the scope of the law. The Company confirmed that the Company has implemented the Personal Data Protection Act B.E. 2562 to protect your personal data.
1.What is Personal Data?
There are 2 types of Personal Data which are:
Personal Data (General) refers to personal data of a living person that enables the identification of such person whether directly or indirectly, for example, name and surname, address, email address, identification number.
Sensitive Personal Data refers to personal data that is specially categorized by law and will be collected, used, or disclosed. Sensitive Personal Data pertains to race, ethnic group, political opinion, cult, religious or philosophical belief, sexual behavior, criminal record, health data, disability, trade union information, genetic data, and biometric data, or information as announced by the Personal Data Protection Commission.
2.Where does the Company Receive Your Personal Data?
- The personal data that the Company receives directly from you
The Company receives your personal data directly through normal channels and online channels in the following cases.
- You make query or ask for information from the Company.
- You make a registry by creating account through the Company’s website or application.
- You do a survey, or contact the Company via telephone, email, or the Company’s employee
- You visit the Company’s website. The Company collects data from cookies. This data helps the Company to provide you better, faster, and safer services, and gives you privacy when using the service and/ or entering the platform. Cookies are text files in your computer that are used to store log information about your internet usage or your browsing behavior. You can learn more about Cookies on https://www.mono.co.th
- Your personal data that the Company receives from agencies/ third parties
The Company may receive your personal data from agencies/ third parties which are network of the Company in the process of collecting, using, or disclosing personal data as instructed by the Company or on behalf of the Company. Your personal data will not be used other than the purposes for which the Company instructs or requires such agencies/ third parties to do. In addition, the Company requires such agencies/ third parties to protect confidentiality of your personal data and to have measures to protect your personal data as required by Thailand’s Personal Data Protection Law.
3.Types of Personal Data which the Company Collects
Personal data collected by the Company will be used within purposes and as necessary for any operation which is the Company’s interests. The data can be classified as follows.
|Types of Data||Details|
|1.General Data||includes name, surname, telephone number, social media accounts|
|2.Technical Data||includes IP Address, browser type, time zone setting and location, operation system, platform and technology of the device used to access the website|
|3.Website Usage Data||includes web page you visited before entering platforms, web pages that you visit, amount of time you spend viewing website, goods, services, or information you searched for in platforms, access time and date, information about what you looked at while using website|
4.The Purpose of Use of Personal Data
The Company uses your personal data within applicable laws on the protection of personal data and collects only the necessary information.
- For the legitimate interests of the Company or third parties or you, which does not decrease your fundamental right in personal data.
- To fulfill a contract which you are a party, or to be used to process your request before entering into a contract.
- To comply with the law of the Company, or to prevent or suppress dangers to a person’s life, body, or health.
The Company has summarized the Lawful Basis of Processing which the Company has applied to achieve the purposes stated in the table below.
|Purposes||Types of Data||The Lawful Basis of Personal Data Processing|
|1) To provide services to clients under contracts.||– Contact data
– Financial data
|Necessary for the fulfillment of a service contract between you and the Company, or processing your request to enter into a service contract.|
|2) To provide customer service, including:
•Contact customers to process customer requests
•Provide after sales services
•Manage customer benefits
•Receive customer complaints
•Receive notifications and coordinate to solve customer problems
•Facilitate customers in information verification, payment, and customer benefit management.
|– Contact data
– Financial data
– Communication data
|1) Necessary for the fulfillment of a service contract.
2) For legitimate interests of the Company to provide customer service and facilitate customers to access the service.
|3) To use data analytics to improve the services of the Company:
•In giving statistical report on the number of customers for marketing planning
•In improving the efficiency of the Company’s website, solving technical problems encountered while using the website, and improving customers’ experience upon receiving services from the Company.
|– Contact data
– Technical data
– Website usage data
|For legitimate interests of the Company to use information and statistic on the usage of website to increase the efficiency of the Company’s service and improve the website to meet the needs of customers.|
|4) To send promotional news and participation in marketing activity.||– Contact data||1) For legitimate interests of the Company to provide news and promotions to customers.
2) In terms of direct marketing, the Company shall ask for your explicit consent to use your personal data for direct marketing.
The Company may process your personal data for more than one lawful basis depending on the specific purpose for which the Company is using your personal data.
5.Marketing Activities and Campaigns
The Company may conduct marketing activities and promotional campaigns, or use third parties with whom the Company has agreements to operate in the following cases.
- In the case that the Company uses your personal data for providing direct marketing, the Company will be able to do so only when you give the Company explicit consent, and the Company has already informed you the purpose of your personal data’s use on direct marketing. However, you can withdraw your consent on direct marketing with the Company at any time through the Company’s opt-out system.
- In direct marketing, the Company uses your data to analyze behavior in order to offer services that meet your needs.
- In the case of your participation in the Company’s sale promotional activities, such as gaming activities or other activities through various social network channels, for promoting the Company’s products and services to the public, the Company will not process your data for direct marketing unless you give the Company an explicit consent to use your personal data for direct marketing. The Company will inform you of the purpose of your personal data’s use on direct marketing. In addition, you can withdraw your consent on direct marketing with the Company at any time through the Company’s opt-out system.
6.Disclosure or Sharing of Personal Data
- The Company does not disclose your personal data to agencies/ third parties unless necessary circumstances which the data must be disclosed to achieve operational purposes. This also includes agencies having legal duty to request the Company to disclose such information. These agencies/ third parties are:
- Online advertising platforms
- Marketing companies or consultants
- Regulatory agencies such as the Office of Personal Data Protection Commission
- Agencies hired by the Company to collect data
- The Company requires agencies/ third parties that the Company discloses or shares your personal data mentioned earlier with to maintain confidentiality and protect your personal data in accordance with the standards required by Thailand Personal Data Protection Law, and use your personal data only for the purposes specified, or requested to proceed, by the Company. Third parties will not be able to use your personal data other than such purposes.
- When being requested, the Company may disclose your personal data to relevant authorities to comply with the law in order to achieve some purposes, for instance, preventing threats to life or body, promoting law enforcement, pressing charges, exercising of legal rights, preventing fraud, etc.
7.Retention Policy and Retention Period of Personal Data
- The Company collects your personal data in the Company’s information system and provide standard security to keep the Company’s information system and the use of your personal data secure with following measures.
- Restrict access to personal data which may be accessed by officers or employees.
- Provide technological methods to prevent unauthorized access to computer system.
- Destroy your personal data for security purpose when such data is no longer needed to fulfil the purposes the Company collected it for.
- Put in place procedures to deal with any suspected personal data breach and will notify the Personal Data Protection Commission of a breach where the Company is legally required to do so.
- Retention period of personal data
- The Company will keep your personal data for as long as necessary to fulfil the purposes the Company collected it for according to the period stipulated by the accepted standards, such as accounting, legal, and related regulations.
- To determine the appropriate retention period for personal data, the Company considers the amount, nature, purpose and sensitivity of the personal data, the potential risk of harm from unauthorized use of your personal data, and the applicable legal requirements.
- The Company collects your personal data obtained from cookies when you use the Company’s website. The Company will keep your personal data for no more than 13 months or as required by relevant laws.
- Functionality Cookies:
The Company uses Functionality Cookies to improve the functionality of the website in order to store information about your visit to the website so that the Company can provide a better, faster, and safer service. These cookies help the Company to recognize the device or your browser so that the Company can quickly provide the content according to your personal interests, simplify the service and platform, and increase your benefit. To disable these cookies, you can set your device by referring to the help section of your browser or device.
- Analytic Cookies:
The Company uses Analytics Cookies provided by third parties to collect information about how visitors use the Company’s website. The Company anonymizes the data of all website visitors and passes it to third parties who can use this data or disclose it to other parties who process the data as permitted by law. Third parties will not include your data obtained from the Company’s website with information that third parties already have. You can choose to disable these cookies on the Company’s website.
10.Change of Personal Data Protection Policy
The Company will check efficiency and review the Company’s Personal Data Protection Policy regularly. In case of changing the policy, it will be announced and published on the Company’s website or other platforms.
11.Rights of the Owner of Personal Data
As the data subject, you have the right to act in accordance with the extent permitted by the Personal Data Protection Act B.E. 2562 (2019) as follows:
- You have the right to withdraw your consent (Right to withdraw consent) about personal data that you have given consent with the Company throughout the time that the Company keeps your personal data.
- You have the right to access your personal data (Right of Access) and ask the Company to copy the personal data for you.
- You have the right to request the Company to edit incorrect information or fulfill incomplete information. (Right to Rectification)
- You have the right to request the Company to delete your data for some reason. (Right to Erasure)
- You have the right to request the Company to stop using your personal data for some reason. (Right to Restriction of Processing)
- You have the right to transfer your personal data that you have provided to the Company to another data controller or yourself for some reason. (Right to Data Portability)
- You have the right to object to the processing of your personal data for some reason. (Right to Object)
- You have the right to claim compensation in the event of a personal data breach causing damage.
You can contact the Company as the personal data controller to submit your request to perform the rights above according to the address below. The Company will respond to your request within 30 days. The Company will consider your request within the scope of the Personal Data Protection Act B.E. 2562. In the event that the Company rejects your request, the Company will notify you of the reason for the rejection.
- Mono Next Public Company Limited
- Details of Data Protection Officer (DPO)
- Email : email@example.com
- Address : 29/9 Moo 4, Chaiyaphruek Road, Bang Phlap, Pak Kret, Nonthaburi 11120