Announce
Subject Privacy Policy
NPP FOOD SERVICE Company Limited
Realize the importance of personal data protection This is an important fundamental right to privacy.
Therefore, this privacy protection policy has been created for employees, customers, business partners.
and service users know and understand the privacy policy that the company collects, uses, discloses
transfer and keep the above personal information in accordance with the law, powers and dutiesoperational mission including electronic transaction service, websiteand documents in paper form which is in accordance with the form of service of the companyThe company will protect personal information from being misused.and will keep such information safe. To comply with the Personal Data Protection Act B.E.2019
2. Objectives
2.1 To reassure the data subject that transactions with Global Consumer Company Limited(Public) is secure, safe, reliable, and protects personal information.
2.2 To prevent damage caused by fraudulent exploitation or exploitation of personal dataPervert
3. Scope of use
3.1 This announcement It is applicable to the Board of Directors, Directors, Executives.and employees at all levels of Global Consumer Public Company Limited, including partners, service providersand stakeholders of the company
3.2 By giving this announcementThis applies to all the Company's operational activities related to personal data, for example:Storage channels, types and formats of stored dataThe Company's Purpose for Using Personal Data Sharing such information with othersas well as how the Company takes steps to protect the personal information of its customers.
4. Definition“Company” means Global Consumer Public Company Limited.“Personal Data” means information about an individual by which an individual can be identified.whether directly or indirectly but does not include information of the deceased in particular“Personal Data Controller” meansAn individual or legal entity having the authority to make decisions about the collection, use or disclosure of personal data.“Personal Data Processor” means an individual or a legal entity which is involved in the collection, use ofor disclose personal information as ordered or on behalf of the Personal Data Controller.The person or entity doing so is not the controller of the personal data.“Data Subject” means the person who owns the Personal Data, such as the Customer.“Person” means a natural person.
5. Collection of personal informationCollection of personal informationto collect as necessary under the lawful purposes of the Data Controlleror for the benefit that is directly related to the purpose of collectionThe personal data controller must notify the owner of the personal data first.or while collecting personal information as follows:unless the owner of the personal data is already aware of the details
5.1 Purpose of collection
5.2 Personal Data Collected
5.3 Notify in the event that the data subject is required to provide personal data in order to comply with the law or contractor it is necessary to provide personal information to enter into a contractas well as informing them of possible consequences from not providing personal information.
5.4 Types of people or entities to which personal data collected may be disclosed
5.5 Data Subject Rights6. Use or Disclosure of Personal InformationUse or Disclosure of Personal Information to be in accordance with the objectivesor is necessary for the benefit that is directly related to the purpose of the collection.and must obtain the consent of the owner of the information provided first. or at that time except in the following casesConsent is not required.
6.1 For planning purposes or various censuses of government agencies
6.2 To prevent or suppress danger to life, bodyor the health of a person whose personal data subject is unable to give consent for whatever reason
6.3 It is legally public information.6.4 For the benefit of the investigation by the competent official under the lawor in the trial and adjudication of the court6.5 It is a practice required by law. or by court order
7. Type of person or entities to which personal information may be disclosedThe Company may disclose your personal information to its affiliates. Company auditorCompany external auditor and government agencies as required by law, etc.
8. Securityfor the benefit of confidentiality and security of personal data The company has measuresas follows
8.1 Provide appropriate measures to maintain the security of personal data such asPreventing the wrongful loss of personal data Prevention of misuse of personal informationConversion protection and wrongly correcting personal dataPrevention of illegal disclosure of personal information Logging website visitors (Log Files)assigning rights and restrictions on employees' rights to access personal informationDestruction of various storage media such as paper, flash drives, CD-DVDs, hard disks, etc.to prevent data loss, access, destruction, use, conversion, modificationor disclose personal information without permission
8.2 Keep personal data for the purposes stated to the personal data subject.and in accordance with the law
8.3 In the event that the Company employs an external company to process personal dataMust select a company that has a standard data protection system.and make an agreement relating to the retention of personal information in accordance with the same policy
8.4 For the transmission, transfer of personal data abroadincluding bringing personal information to store on any database in the system which the data transfer service provideror data retention services abroadThe destination country in which the data is stored must have equivalent personal data protection measures.or better than the measures under this policyThe company will not be responsible for any damage. resulting from useor disclosure of personal information to third parties including neglect by the actions of the data subjector any other person with the consent of the data subject
9. Rights of data subjects The data subject has the right to request access to their personal data. obtain a copy of the personal data relating to themRequest to disclose the acquisition of such personal data that he did not give consent to deleteor destroy personal information object to collection, useor disclose personal information for some reason Request to suspend the use of personal informationrequest the transfer of personal data to another personal controlleras well as the right to request amendments to personal data to be correct, current, completeand does not cause misunderstandings except for scrubbing or contrary to the provisions of the lawimpact on the security of the kingdom affect the economy and the country's commerceAffects the investigation of the competent legal officer or the trial of the courtor affecting the rights and liberties of other people The owner of the information can contact the company at
NPP FOOD DERVICE Company Limited Address :
109/4 Moo 1 T.Banbo, P.Samutsakhon 74000
Telephone Number : 034-410861-3, Fax : 034410963
E-mail :dpo@nppfood.com
Any request listed above The data subject must do so in writing.The company will prepare a record of evidence of objection. or any actionrelating to personal data as evidence, however, the Company will proceed within a reasonable period of timebut does not exceed the time limit prescribed by law
10. DisclaimerThe company reserves the right to reject the request under Clause 9 in the following cases:
10.1 The law can be made possible.
10.2 Personal data makes it anonymous. or indicating the ability to identify the owner of the information
10.3 The applicant does not have evidence to prove that the owner of the information.or is authorized to submit such request
10.4 Such requests are unreasonable, for example in the event that the requester does not have legal rights.or does not have that personal information at the company, etc.
10.5 The request is a redundant request, i.e. the request is of the same nature. or have the same content repeatedlytogether without a reasonable reason, etc.
11. Destruction of personal data
11.1 In the event that personal data collected is not relevantor necessary for the purpose of the company to destroy and delete the data from the storage systemby a safe method and does not leak information
11.2 The company will destroy and delete personal data from the storage systemAfter the period of use for the purposes of the companyexcept in cases where information is required to be kept as required by law
12. Policy ReviewThe Company will review the Personal Data Protection Policy at least once a year.or in cases where the law has been changedThis will be effective from 1 June 2022 onwards or until the change is announced.
18 July 2022
Viewed 4214 time