Introduction |
WISESIGHT (THAILAND) CO., LTD. and its affiliates include persons involved in the processing of personal data on orders or on behalf of the Company (Hereinafter referred to as the “Company”) prioritize personal data and other data relating to you (Hereinafter referred to as, “data”). The purpose is to provide you with the assurance that the Company is transparent and responsible for collecting, using, or disclosing your information in accordance with the Personal Data Protection Act B.E. 2019 (“Personal Data Protection Act”). including other relevant laws. This Privacy Policy (“Policy”) is designed to provide you with information about our collection, use, or disclosure (Hereinafter referred to as “Processing”) of personal data processed by the Company including officers and related persons acting on behalf of or on behalf of the Company with the following contents:
Scope of Policy |
This policy applies to current and future personal data of individuals associated with the Company which is processed personal data by staff, contractual employees Business units or other forms of entities operated by the Company as well as parties or third parties who process personal data on behalf of or on behalf of the Company (“Data processor”) under products and services such as websites, systems, applications, documents or other forms of services controlled by the Company. (Hereinafter referred to as “Services”)
Individuals in relation to the Company under the provisions of the first paragraph include the following persons (collectively referred to as “you”):
- Individual customers
- Employees, workers, or employees
- Partners and service providers who are natural person
- Executive directors, attorneys, representatives, shareholders, employees or other persons having a relationship similar to a juristic person with the company.
- Users of the Company’s products or services.
- Visitors or users of https://wisesight.com including systems, applications, devices, or other communication channels controlled by the Company.
- Other persons with whom the Company collects personal data such as job applicants, family of officers, guarantors, insurance policy beneficiaries, etc.
In addition to this Policy, the Company may require a privacy notice (“Notice”) for its products or services to inform the personal data subject who is the user of the personal data being processed, the purposes and lawful grounds for the processing, the retention period of personal data as well as the rights to personal data that the personal data subject may have in a particular product or service.
In the event of a material conflict between the Privacy Notice and this Policy, the Service’s Privacy Notice shall be final.
Definitions |
Personal data | means information about an individual from which an individual can be identified, directly or indirectly, but does not include information of a particular deceased person. |
Sensitive data | means personal data as provided for in Section 26 of the Personal Data Protection Act B.E. 2562, including race, ethnicity, political opinion, ideology, religion or philosophy, sexual behavior, criminal history, health information, disability, trade union information, genetic information, biological information or any other information that affects the subject of personal data in a similar manner as determined by the Personal Data Protection Commission. |
Processing of personal data | means any action on personal data such as collect, save, copy, organize, store, update, change, use, restore, disclose, forward, publish, transfer, merge, delete, destroy, etc. |
Data subject | means a natural person who is a data subject that is collected, used, or disclosed by the Company |
Data controller | means a person or entity has the authority to make decisions about the collection, use or disclosure of personal data. |
Data processor | means an individual or a legal entity who is involved in the collection, use or disclosure of personal data on the order or on behalf of the data controller. However, such person or entity is not a controller of personal data. |
Personal data in the media Wisesight monitors |
Personal data in the media that we process: For information about the personal data included in Social Listening, Social Monitoring, and other related services as part of our services, please refer to our policy here.
Data source |
The Company collects or obtains various types of personal data from the following sources:
From the data subject directly | Personal data that the company collects directly from the data subject in various service channels. For example, the process of applying, registering, applying for a job, signing contracts, documents, surveys or using products, services, or other service channels supervised by the Company or when the subject of personal data communicates with the Company at the office or through other communication channels supervised by the Company, etc. |
From the data subject’s use of the website, other products or services | Information that the Company collects from the data subject’s use of the website, other products or services under contract or under a mission. For example, tracking the behavior of using the website, the company’s products or services through the use of cookies or software on the device of the personal data subject, etc. |
From other sources | Personal data that the Company collects from sources other than the data subject. Such sources have the authority, have legitimate grounds or have already obtained the consent of the personal data subject to disclose the information to the Company. For example, linking the digital services of government agencies to provide comprehensive public benefit services to the personal data subject itself, receiving personal data from other government agencies in accordance with the mission of providing Central Information Exchange Center. The purpose is to support the actions of government agencies in providing services to people through digital systems. Moreover, it also includes more precisely providing contractual services where personal data may be exchanged with contractual entities. |
In addition, this also includes cases where you provide personal data from third parties to the Company. Therefore, it is your responsibility to provide details under this policy or announcements of products or services, as the case may be, to such parties as well as obtaining consent from that person if it is a case where consent is required to disclose information to the Company.
In the event the data subject refuses to provide the information necessary to provide the Company’s services, the Company may not be able to provide that service to the data subject in whole or in part.
Collection of personal data |
The Company will collect personal data with the prior consent of the personal data subject except in the following cases:
- To fulfill contract obligations in the case of collecting, using or disclosing personal data for the necessity of providing services or contracts between the data subject and the Company.
- To prevent or suppress harm to life, body or health.
- To obey the law.
- To the legitimate interests of the Company if necessary for the legitimate interests of the Company’s operations. The Company will consider the rights of the data subject as important. For example, fraud prevention, network security, protection of the rights, freedoms and interests of all data subjects, etc.
- To conduct research or statistics in the case of historical documents or archives for the public benefit or related to research studies or statistics in order to provide appropriate safeguards to protect the rights and freedoms of data subjects.
- To perform state missions if necessary for the performance of duties for the public interest or the performance of duties under the state powers assigned by the Company.
Where it is necessary for the Company to collect your personal data for the performance of a contract, the performance of legal duties or for the necessity of entering into a contract. If you refuse to provide personal data or object to processing for the purposes of the activity, it may result in the company being unable to perform or provide the services you have requested in whole or in part.
Types of personal data |
The Company will use lawful means and limited to the extent necessary for the Company’s operational purposes, including without limitation the following information:
Personal data | Name-surname, age, date of birth, gender, identification number, passport number, signature, marital status, position, occupation, education, tax ID number, job title, nationality, etc. |
Contact data | Address, phone number, email, and social media, etc. |
Figurative data | Figurative data such as still images, motion pictures of you or your assets, which are collected from CCTV, cameras when you enter the Company’s area, etc. |
Platform account data | Account, username, password, etc. |
Official document data | A copy of your ID card, a copy of your house registration, a copy of your passport, a copy of the marriage certificate, a copy of your work permit, a copy of your birth certificate, a copy of your driving license, a copy of your professional license, etc. |
Financial data | Bank account number, copy of bank passbook, credit card information, copy of bank statement, income, payment information, taxes, provident fund, employee benefits (such as pension or entitlement under an insurance policy) and related information. (Reimbursement or allowance). |
Educational data | Such as: Qualifications, educational background, transcript and educational evidence. |
Related third party data | Spouse, child, father/mother, emergency contact person, reference and beneficiary, etc. |
Data for purchasing products and services | Order history, service & product interests, order number, request number, etc. |
Data obtained from the company’s collection or automation of the company’s devices | IP Address, Cookie, history and behavior of service use, order history, appointment information, voice, photo, motion, Chat, Geolocation, etc. |
Sensitive data | race, religion, disability information, medical information, criminal history, biometric information (fingerprint, face), health information, etc. |
Cookies |
The Company collects and uses cookies and other similar technologies on websites under its supervision. For example, https://wisesight.com or your device according to the services you use. In order to ensure the safety of the Company’s services and to provide users with a convenient and good experience in using the Company’s services, this information will be used to improve the Company’s website to meet your needs as much as possible. You can manually set or delete the use of cookies from the settings in your web browser.
Purpose of collecting personal data |
The Company collects your personal data for several purposes. It depends on the type of product, service or activity you use. as well as the nature of your relationship with the Company or considerations in each context are important. The purposes stated below are just a general framework for the Company’s use of personal data. However, only the purposes related to the products or services you use or are associated with will apply to your information.
- It is to enter into a contract or for the performance of a contract between us and you or a third party for your interests.
- It is to respond to your inquiry and assist you.
- It is to develop and improve the products and services of the Company to respond to the needs of the data subject.
- It is to inform and recommend you about goods, products, and services or to publish marketing and promotional materials or other benefits to contact details given by you upon your consent.
- It is to survey feedback, analyze, research, and gather statistical data for marketing purposes or in order to develop and improve our corporate operations upon your consent.
- It is for the benefit of management or internal operations of the Company necessary under legitimate interests.
- It is to inspect, supervise, restrict access to controlled areas, and maintain security around the building or premises of the company.
- It is to comply with laws related to the company’s operations, such as withholding tax.
- It is to provide information to government agencies with legal authority as requested by government agencies. such as the National Police Agency, Anti-Money Laundering Office, Revenue Department, and Court.
- It is to carry out any accounting and financial activities; including but not limited to auditing, debt notification and collection, tax operations, and transactions as prescribed by law.
- It is for our legitimate interests, including but not limited to call recordings obtained from the Call Center System and recordings obtained from CCTV.
- It is for compliance with the law, investigation process, relevant regulations, and our legal duties.
- It is to verify your identity.
- It is for other purposes upon your explicit consent.
Personal data transfer and disclosure |
The Company will not disclose and transmit your personal data to external parties unless with your explicit consent or in the following cases:
- In order to achieve the purposes outlined in this Privacy Policy, the Company may be required to disclose or share information only as necessary to partners, service providers, or external entities. The Company will enter into a personal data processing agreement as required by law.
- The Company may disclose or share personal data with affiliated companies. It will only process data for the purposes specified in this Privacy Policy.
- The law or legal process requires disclosure or disclosure to an official, government official, or competent authority in order to comply with a legal order or request.
Transferring or sending data to foreign countries |
The Company may transmit or transfer personal data to foreign countries. This will ensure that the destination country or the destination authority has adequate privacy protection standards and policies.
Retention Period |
The Company keeps your personal data only for as long as is necessary for the legitimate business interest for which the data was collected. It will be in accordance with the details set forth in the relevant policies, agreements, and notices unless a longer retention is required by law.
Protection of personal data |
The Company will take appropriate technical and organizational measures and information security routines to protect and secure the personal data against unauthorized access, disclosure, modification, or unauthorized destruction. These security safeguards include but are not limited to encrypting information and controlling access to the personal data of specific employees electronically and manually.
External websites or services |
The Company’s services may link to third-party websites or services. Such websites or services may have a personal data protection policy that is different from this policy. The company recommends that you study the privacy policy of that website or service to know in detail before using it. However, the Company is not associated with and has no control over the privacy protection measures of such websites or services and cannot be held responsible for the content, policies, damages, or actions caused by third-party websites or services.
Personal Data Protection Officer |
The Company has appointed a Personal Data Protection Officer to examine, supervise, and advise on the collection, use, or disclosure of personal data. It also includes coordinating and cooperating with the Personal Data Protection Commission to comply with the Personal Data Protection Act B.E. 2562.
Right of Data Subject |
You can exercise the rights as required by law and as set forth in this notice as follows:
Right to withdraw consent | you have the right to withdraw your consent at any time unless restricted by law or contractually beneficial to you. However, the withdrawal of consent will not affect the processing of personal data that you have previously given consent to the Company. |
Right to request access and obtain a copy of personal data | You have the right to request access and obtain a copy of personal data, unless the company has the right to refuse your request by law or court order or your request will have consequences that may harm the rights and freedoms of others. |
Right to request that personal data be updated | You have the right to request that personal data be updated, correct, complete and not cause misunderstanding. However, the Company can amend the above even if you do not request it. |
Right to request the erasure or removal or de-identification | You have the right to request the erasure or removal or de-identification of an individual in the following cases:When personal data is no longer necessary keep it for the purposes of collecting, using or disclosing personal data.When you withdraw your consent to the collection, use or disclosure of personal data and the Company has no legal authority to collect, use or disclose personal data further.When you object to the collection, use or disclosure of personal data and the Company has no legal authority to refuse it, unless the Company has legitimate grounds to decline your request |
Right to obtain or request the transmission or transfer of your personal data | You have the right to obtain or request the transmission or transfer of your personal data in the event that the Company has made the personal data in a readable or generally usable format by means of automated tools or equipment to use or disclose personal data by automatic means unless the technical condition is impracticable or for the benefit of the public or statutory duty or the exercise of infringement against the rights or freedoms of others. |
Right to objection | You have the right to objection, you have the right to object to the collection, use or disclosure of personal data at any time in the following cases:In the case of personal data which the Company operates under the lawful interest unless the Company demonstrates a more important legitimate cause or to establish a statutory claim, the performance or exercise of a statutory claim or to raise a statutory claim.Direct marketing objectivesTo study scientific, historical or statistical research unless the it is necessary for its mission in the public interest of the Company. |
Right to request that the use of personal data be restricted | You have the right to request that the use of personal data be restricted in the following circumstancesWhen the Company is in the process of reviewing your request to amend your personal data to be accurate, current, complete and not cause misunderstandings.Personal data that must be deleted or destroyed.When such personal data is no longer necessary because you are obliged to request the retention of your personal data in order to establish a legal claim, compliance or exercising legal claims or countering legal claims.When the Company is in the process of proving its right to refuse a request to object to the collection, use or disclosure of personal data. |
Penalties for non-compliance with the Privacy Policy |
Failure to comply with the policy may result in an offense and be subject to disciplinary action in accordance with the Company’s rules (for officers or operators). or in accordance with the personal data processing agreement (for personal data processors). However, it is subject to the case and your relationship with the Company and may be subject to penalties as determined by the Personal Data Protection Act B.E. 2562 along with all secondary laws, rules, regulations, and relevant orders.
Complaints to supervisory authorities |
In the event that you become aware that the Company has not complied with the Personal Data Protection Law, you have the right to submit a complaint to the Personal Data Protection Committee or a supervisory authority appointed by the Personal Data Protection Committee or by law. Before making such a complaint, please contact the Company to give us an opportunity to know the facts clarify the issues and resolve your concerns in the first place.
Amendment to the Privacy Policy |
The Company may update, amend, or change this Policy at its discretion by notifying you through https://wisesight.com with the effective date of each revised version. However, the Company would like to advise you to regularly check for the latest version of the Policy through specific channels for activities at the Company before you disclose your personal data to the Company.
Access to the Company’s products or services after the enforcement of the new policy constitutes acceptance of the terms of the new policy. Please stop using it if you do not agree with the details in this policy and please contact us for further clarification.
Contacts |
Should you have any questions, suggestions, or concerns about the collection, use, and disclosure of personal data by the Company or in relation to this policy or to exercise your rights under the Personal Data Protection Law, you can contact us at
Data Controller | Data Protection Officer | ||
Address | 123 Suntowers Building B, 33rd Floor, Room B3301-3304, Vibhavadi-Rangsit Rd., Chom Phon, Chatuchak, Bangkok 10900 Thailand | ||
Phone | 022741299 | ||
legal@wisesight.com,contact@wisesight.com | dpo@wisesight.com |
This Policy announced and/or latest updated on 1 January 2024 |