Privacy Policy นโยบายความเป็นส่วนตัว

Mediator Company Limited, hereinafter referred to as “The Company”, may collect your personal data for various purposes. The company has a privacy policy/personal data protection policy to make sure that the company will use your personal data correctly according to the objectives and according to the law. The company also respects your privacy rights and the security of your personal data with the highest degree.

1. This policy’s objectives

To guarantee that the personal data of customers, business partners, visitors, and related third parties be securely stored and fairly used according to Thailand's Personal Data Protection Act (B.E.2562)

2. Definition and scope of data collection

1) Customer means a person/company/store that purchased products or services from the company.
2) Business partner means a person/company/store that the company purchases products or services from.
3) Visitor means a third party who contacts, visits, or conducts any transactions with the company other than the purchase of products and services.
4) Personal data means
(1) Your personally identifiable information such as name and surname, address, date of birth, gender, age, photograph, email address, bank account number, credit card number (if any), ID card number, taxpayer ID number phone number, Line ID, etc. which is obtained directly from you or through a third party including personal data of customers, business partners and visitors when you register an account or change the information in your account, purchase products or services, take surveys, apply for email newsletters, or participate in online courses or other services.
(2) Information obtained from your use of the service through the website; including device identifier, computer IP address, device ID, device type, mobile network information, connection information, geographical location information, type of web browser, website access log, information of websites that was accessed before and after (Referring Website), website usage history log, login Log, transaction log, customer behavior, website access statistics, website access time, etc.

3. Policy on the collection, storage, and use of personal data

1. The company respects the privacy of customers, business partners, and visitors at the highest level.
2. The company will only request personal data as necessary for conducting business together or as required by law or by relevant organizations.
3. The company will store both document and electronic form of personal data in a strict and confidential manner.
4. The company clearly defines the duties of the data collector, data processor, data user, and authorized person as well as sets clear access and verification procedures to ensure that your personal data is kept confidential, secure, and used in good faith.
5. Customers, business partners or visitors who own the data have the right to request to view, inspect, and access the data immediately throughout the period of storage. They also have a responsibility to notify the company in the event of a change of personal data or provide additional personal data if the company or related agencies request.
6. In case that customers, business partners or visitors are foreigners, the company also collects, stores, and uses the data in the same way as Thai people.
7. Any personal data that the company stores in accordance with this policy is considered important business information. The company will treat it as if it was the company’s data. Any individuals who violate, destroy, damage, or use the data for personal benefit will be penalized and/or prosecuted by the company including paying for the damage in full at the rate specified by law.
8. Collecting, storing, using, auditing, reviewing, approving, or taking any actions regarding personal data according to this policy must be confidential and lawful. Personal data shall be regarded as the highest level confidential information and the data audit must be recorded for evidence.
9. The company has a policy to periodically update these rules and regulations as necessary and appropriate.

4. Purpose of collecting your personal data

The Company may use your personal data for the following purposes.

1. To ensure that the use of the company’s service is appropriate and in accordance with relevant laws, rules, and regulations.
2. To confirm or identify your identity when using the services of the company.
3. To optimize the services provided to you.
4. To contact you via telephone, text message (SMS), e-mail, social media, postal mail or through any means to inquire, notify and verify information about your account. To invite you to take a survey, poll or to notify any other information related to the company's services as necessary.
5. For any other benefits related to the company's business operations such as study, research, analysis, statistical data collection, service improvement, and marketing or targeted advertising. This also includes advertising and sending information about special promotions and the company’s activities as well as providing appropriate suggestions to provide services which match your interests.

5. Disclosure of personal data to third parties

The company may disclose your personal data to others with your consent, within the scope of this policy or under the rules permitted by law. Your information may be transferred to the following organizations.

1. Client company/organization, contractor, business partner or other persons both domestic and international as specified by the company. When disclosing personal data to such parties, the company will have such parties to keep your personal data confidential and not be used for purposes other than specified scope.
2. Government agencies, governmental organizations, service regulators, your regulators as well as private agencies or other third parties involved in the legal process when there is a request for disclosure by law, such as requesting information for prosecution or legal action.

6. Period of Personal Data Storage

The company will store your personal data while you are still conducting transactions or having activities with the company or throughout the necessary period to achieve the objectives related to this policy. Your personal data may need to be preserved afterwards if required or permitted by law, for example, to be kept for proof in case of potential disputes under the statute of limitations prescribed by law.

During the storage period, the company applies reasonable security measures to prevent unauthorized access, collection, use, disclosure, duplication, modification, disposal of information or any similar risks. The company will delete or destroy your personal information or make it anonymous when it is no longer necessary or at the end of such period.

7. Security of Personal Data Storage

The company has established and/or chose a personal data collection system which has appropriate mechanisms and techniques. The company also limits access to your personal data from employees/staff to prevent your personal information from being used, disclosed, destroyed, or accessed without permission. However, the company cannot guarantee that there will be no errors or mistakes when implementing this policy. Therefore, the company reserves the right to deny liability for any damage or loss that occurs in all cases.

8. Your rights regarding your personal data

Customers, business partners, visitors who own personal data which the company store have the following rights:

1. The right to request access to your own data, inspect how the data is stored and used , during every working day in working hours by notifying the coordinator or the manager with whom you have contact.
2. The right to request verification or request for the use of your own personal data.
3. The right to withdraw consent. You have the right to withdraw your consent at any time throughout the storage period unless there is a limitation of that right by law or contract that benefits you.
4. The right to request deletion or destruction of data. You have the right to request the company to delete or destroy your personal data or make your personal data non-identifiable if you believe that your personal data is collected, used and/or disclosed against the relevant laws, or you believe that the company no longer needs to store your personal data.

Exercising your rights as mentioned above may be restricted under relevant law; and there are cases when the company may necessarily refuse or be unable to process your request to exercise the above rights, for example, to comply with a law or a court order, the exercise of rights may infringe on the rights or liberties of other persons, etc.

9. Contacting the Company

If you have any questions or concerns about this privacy policy, please contact us via telephone number 02-392-3288 or via email info@mediator.co.th.