PRIVACY NOTICE

Sawaddee Corporation Company Limited ("SAWADDEE") recommends that you read and understand “Personal Data Protection Policy”. This Privacy Policy covers how we deal with your personal data and gives you detailed information on how, what, when, and why we collect, use, disclose, transfer or process your personal data, what steps we take to ensure your personal data stays private and secure, how long we retain your personal data, how you can contact us, and your rights under the Personal Data Protection Act B.E. 2562 ("PDPA"). "Personal Data" means information that makes it possible to identify the owner of personal data, whether directly or indirectly. "Sensitive Personal Data" The Personal Data Protection Act B.E. 2562 including subordinate regulations enacted and as amended from time to time.

1. Definition

"Personal Data" means information that makes it possible to identify the owner of personal data, whether directly or indirectly.

"Sensitive Personal Data" means information defined under Section 26 of PDPA, including race, ethnicity, political opinions, beliefs in cults, religions, or philosophies, sexual behavior, criminal records, health or disability Information, labor union data, genetic information, biological information, or any other information that similarly affects the owner of personal data as required by law.

"Personal Data Protection Law" means: The Personal Data Protection Act B.E. 2562 including sub-ordinate regulations enacted and as amended from time to time.

"Juristic person customers" include directors, shareholders, true beneficiaries, employees, and legal representatives of juristic person customers. Including other natural persons who have authority to act on behalf of juristic person customers.

"Persons who are not customers of the Companyƒ" are natural persons who do not own products. or services with the Company, but the Company may need to collect, use, or disclose personal information of the owner of personal information, such as an insurance premium payer. Beneficiary of insurance policy Third party who receives compensation People who have visited the company's website or access services at the branch or the company's office The true beneficiary, director or legal representative of the juristic person who uses the company's services. professional consultant including directors and shareholders of the company and legal representatives of such persons and any persons involved in transactions with the Company or related to the company's customers.

2. Collect, Use and Disclosure of Personal Data

The type of personal data and sensitive personal data, which SAWADDEE collects, uses, or discloses (which is referred to as "Processing of Personal Data" in this Privacy Policy), varies on the scope of products and/or services that the Data subject may have used or had an interest in. The type of personal data shall include but not be limited to:

  • General personal information such as given name, middle name, last name, gender, date of birth, age, education background, marital status, nationality.
  • Contact information such as mailing address, email address, telephone number, fax number, Social Media account.
  • Identification and authentication information such as identification card photo, identification number, laser number (back of identification cards), passport Information certificate/alien ID information, driving license, signature.
  • Employment information such as occupation, employer's information and workplaces, position, salary/income/remuneration.
  • Financial information such as income, source of income, back account, credit card, debit card, tax information, transaction records, loans, investments, payment history.
  • Product and/or services information such as products and/or services purchased by the Data Subject from SAWADDEE or other insurance operators (e.g., insurance policy number, sum insured, changes/transactions related to an insurance policy); Information about insurance policies and claims that the Data Subject currently has with SAWADDEE or other insurance operators (e.g., insurance coverage information, premium payment history, medical information, claims history, including the exercise of rights under the insurance policy or products or other services of SAWADDEE or other insurance operators).
  • Market research, market data such as data and opinions expressed when participating in market research or surveys/customer satisfaction.
  • Verification information such as due diligence (e.g., information related to customer identification (Know Your Customer/KYC), customer due diligence (CDD), information for monitoring risk management regarding money laundering, counter terrorism and proliferation of weapons of mass destruction financing, information to monitor bankruptcy
  • Geographical, devices and software information such as SAWADDEE branches the Data subject contacts, the IP address, cookies, type and browser version, time zone settings, plug-in types in browsers, operating systems and platforms, user profiles, technical specifications, and personally identifiable information (e.g., mobile phone IMEI (International Mobile Equipment Identity) numbers or other unique device identifiers and any details about the mobile phone).
  • User login, subscription data and profile details such as login data for using SAWADDEE's system, transactions with SAWADDEE through the Internet network and applications.
  • Security information such as images, personal descriptions, suspicious detections or unusual transactions, photos, or video records through CCTV cameras.
  • Other information such as records of correspondence and other communications between the Data Subject and SAWADDEE in any form or method, including but not limited to telephone, email, text messages, conversations and social media communications, information provided to SAWADDEE by the Data subject through any channels.
  • Sensitive personal information such as health information, disability information, genetic information, blood type, criminal records, religion, biometric data (e.g., face recognition, fingerprint, voice recognition, and retina recognition).

3. Sources of Personal Data

  • The Company will collect and compile data as provided by the data subject to the Company or that which exists with the Company, including information from product or service registrations, participation in various company activities online, or data usage through the Company's website as well as information obtained when the data subject contacts the Company.
  • The Company may collect and compile personal data of the data subject with the personal data of the data subject received from other sources, only in cases where it is necessary and with the consent of the data subject. This is done for the purpose of updating the personal data of the data subject to ensure accuracy and to improve the quality and efficiency of the Company's services.

4. Purpose of Processing of Personal Data

For entering into the contracts with the Data subjects and for the performance of the rights and duties under the contract between SAWADDEE and the Data subjects.

4.1 For the benefit of the owner of personal data related to insurance products and/or using the company's services as well as to comply with any laws that the Company or the owner of personal data must comply with, including:

  • Compliance with insurance contracts joint insurance reinsurance and reinsurance
  • Disaster survey, damage assessment and compensation under insurance contracts
  • Legal action in the case of being liable to third parties or subrogation rights to claim against third parties
  • Preparing statistics for the benefit of calculating insurance premium rates appropriate to the risk.
  • Actions to provide information about the company's services
  • Compliance with other related laws
  • Necessary operations under the Company's legitimate interests which the owner of personal data can expect, such as recording voice conversations via a call center Recording CCTV images inside and outside the building Exchanging tickets before entering the building Managing complaints, surveying or evaluating service satisfaction, giving notifications, or presenting insurance products that are beneficial to the owner of personal information, recording images, recording audio about meetings, training, recreation, or booths.
  • Risk management, supervision, internal audit and management within the organization Including sending information to regulatory agencies, auditors, and external auditors. and companies affiliated with the same business both in the country and abroad
  • Protection measures or company policy to reduce the risk that may arise from fraudulent acts. Cyber threats Defaulting on payments or contracts, breaking any laws, including sharing personal information to raise the standard of protection. and reduce the above risks of the company in the business group or the same business
  • Benefits from using insurance products and/or services of the company as the owner of personal data has given consent, such as offers, special benefits, advice, and various marketing news, including the right to participate in special activities, whether it is an insurance product. and/or services of the company or product and/or services of companies affiliated with the same business or of business partners or of third parties providing services to

4.2 For any other purposes that the owner of personal data has agreed with the company.

5. Disclosure of Personal Information

The Company may disclose your Personal Data to the following entities and individuals in accordance with the Purposes and applicable laws:

  • Organization related to insurance business such as Office of Insurance Commission, Thai General Insurance Association or the Federation of Thai Industries
  • Group companies or affiliate companies both domestic and foreign.
  • Professional consultants both interna and external such as legal advisers, auditors or other advisors.
  • Service providers or its representatives (including sub-contractor) such as payment services, technology services, cloud services, contractor recruitment services document storage services, data logging services, document scanning services, postal services, publishing services, parcel delivery services by the courier, data analysis services, marketing services, research services, or other services related to SAWADDEE's business operations.
  • Law enforcement agencies, committees established in accordance with the laws, government agencies or regulatory bodies, dispute resolution authorities, or any other person in Thailand, which SAWADDEE or its group companies must (i) disclose information due to legal obligations and/ or compliance with laws and regulations in Thailand, and may include government agencies in the countries where the group companies are located, or (ii) due to the agreements or policies between SAWADDEE, group companies and the state, regulatory authorities or other related parties.
  • The person who enters into a transaction or will enter into a transaction with SAWADDEE when the personal data of the Data subject may be part of the purchase or sale, or part of the offering or selling of SAWADDEE business (if any).
  • Any person or entity which the Data Subject consents to disclose the personal data to that person or entity e.g., provident fund, social security fund.
  • Any person or entity authorized by applicable laws and regulations.

6. Cross-border Transfer

In order to provide you our services especially for documentation, your personal information will be stored in other countries. The privacy protection standard of which, might be different from the PDPA or ours. We will take any necessary step to ensure that your personal information is stored and secured appropriately.

7. Retention period

SAWADDEE will retain the personal data for 5 years from the end of the insurance contract or no more than 10 years from the date of the arbitration's decision or the court's final judgment (depending on the case) unless the law requires SAWADDEE to retain personal data longer than the specified period of time. SAWADDEE may continue to retain personal data of Data subject if necessary, in order to take any action under applicable laws, such as the Establishment of legal claims, compliance or the exercise of legal claims or raising the defense of legal claims. SAWADDEE will delete or destroy personal data or make it anonymized when it is no longer needed or the end of the above mentioned period.

8. Rights of the Data Subject

Subject to the PDPA, by using our Website, receiving our services and/or purchasing our products, you are entitled to the following rights in respect to personal information concerning about you and obtained by us:

  • Right for WithdrawalYou have the right to withdraw your consent given to us to retain, use or process your personal information, or allow our external service provider to do the same with your personal information.
  • Right to AccessYou have the right to obtain confirmation of whether or not we hold personal information concerning about you, and if so, to obtain confirmation of where your personal information is being processed and/or for what purpose, as well as an electronic copy of such information.
  • Right to RectificationIn case you find out that the information concerning about you is inaccurate, incomplete, out of date, you have the right to request for rectification of such inaccuracy, incompleteness, and outdatedness.
  • Right to PortabilityWhere your personal information concerning about you is being processed via automated means, you have the right to request us to transmit such information to another data controller.
  • Right to Restrict Processing or be ForgottenYou have the right to request us to suppress or restrict the use or processing of your personal information or to permanently erase your personal information. The withdrawal of your consent, restriction, suppression, or erasure of your personal information may inhibit our ability to provide you with our services and/or products.

The withdrawal of your consent, restriction, suppression, or erasure of your personal information may inhibit our ability to provide you with our services and/or products.

9. Data Protection Officer (DPO) Contact

For any enquiry about this Privacy Policy, please contact SAWADDEE's Data Protection Officer as follows:

Sawaddee Corporation Co., Ltd 3/147 Prachachuen Road, Ta Sai, Muang, Nonthaburi 11000 Email: [email protected] Tel. 02 192 1059

To exercise your rights as a data subject under this policy, please download the Personal Data Subject Request Form available on the company's official website. Kindly ensure that the form is completed in its entirety and submitted to the company's Data Protection Officer through the designated contact channels as specified above.

This policy was last reviewed, updated, and published on January 20, 2025.

Sawaddee Corporation Co., Ltd

Contacts

088 222 6651
[email protected]

© 2567 Sawaddee Corporation Co., Ltd

Privacy Policy

|

Cookie Policy