1.1 AEON Thana Sinsap (Thailand) Public Company Limited (“AEONTS” or “we”) has established and discloses this privacy policy statement (the “Privacy Policy Statement”) as our approach to explain how we, as the data controller, collect, use, disclose or otherwise process personal information of our [vendors, dealers, services providers and business partners, including their authorized directors, representatives and contact persons] and how we protect personal information and properly handle such information once the provisions under the Personal Data Protection Act B.E. 2562 (2019) (the “PDPA”) with respect to the processing of personal information become effective.
1.2 AEONTS recognizes the importance of protecting personal information, and complies with the PDPA and other relevant laws and regulations as well as internal regulations of AEONTS including this Privacy Policy Statement, and AEONTS strives to properly protect and handle personal information.
1.3 AEONTS collects personal information through appropriate and lawful means, and only to the extent necessary to achieve the purpose of utilization. Such collection, use, disclosure or otherwise processing of personal information will be in accordance with the provisions of relevant laws only.
1.4 AEONTS specifies the purpose of collection, use, disclosure or otherwise processing of personal information, and collects such information to the extent necessary in relation to the purpose. In cases where the purpose of collection, use, disclosure or otherwise processing of specific personal information is limited by relevant laws and regulations, AEONTS does not use such personal information beyond such limitations of the purpose. You may find details of purpose of collection, use, disclosure or otherwise processing of personal information in this Privacy Policy Statement.
1.5 AEONTS does not disclose personal information to any third party, except where the person concerned has granted prior consent in that regard, or where disclosure of personal information is based on laws.
1.6 AEONTS takes appropriate security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure, of personal information. When appointing any third party to process personal information on behalf of AEONTS, AEONTS appropriately oversees such third party.
1.7 AEONTS reviews the content of this Privacy Policy Statement as necessary, and strives to bring about continuous improvement such as to our systems and approaches for protecting personal information.
1.8 AEONTS trains and educates our employees regarding the importance of protecting personal information to ensure that they handle the personal information in an appropriate manner.
1.9 AEONTS responds in an appropriate and swift manner to requests for exercising data subject rights, any opinions or requests concerning its collection, use, disclosure or otherwise processing of personal information. Please see relevant details shown in this Privacy Policy Statement or please contact AEONTS at contact details shown below.
2.1 What is personal information?
Personal information means any information relating to an individual, which enables the identification of such individual, whether directly or indirectly,
2.2 Personal information we collect, use, disclose or process
AEONTS collects several types of personal information, including:
– Identity data (for example, name, surname, identification card number, passport number, birthdate, and in some cases, AEONTS may process sensitive data such as finger vein biometric data only with your explicit consent or when permitted by law)
– Contact data (for example, address, telephone number, email)
– Financial data (for example, bank account, credit bureau, bankruptcy, anti-money laundering information)
– Data about your background verification
– Identity and contact data of your contact person indicated by you
– Any other information contained in your company profile, website, annual report and social media platforms
– Information obtained through video recordings during your work performance such as videos caught on CCTV
2.3 Sources of information
AEONTS may collect your personal information from various sources as follows:
(1) Collect information directly from you, for example:
– Vendor checklist and verification, registration procedures, contract signing, form filling, registrations or submissions of claims or requests for exercising your rights
– Your communication via our contact channels, for example, telephone, email, etc.
– Security procedure such as ID Card deposit when entering our premises
(2) Collect information from other sources, for example:
– Our vendors, dealers, service providers or business partners of which you hold a position as authorized directors, representatives, or employees
– Government authorities and supervising authorities such as Royal Thai Police, Anti-money Laundering Office, or other publicly available sources such as company website, information made available on the internet or social media platforms
AEONTS collects, uses, discloses or processes your personal information as a registrant to be vendor, vendor, dealer, service provider or business partner, or an authorized director, representative or employee acting on behalf of the individual or the aforementioned legal entity for various purposes depending on relationship between you and AEONTS as follows:
Processing purposes | Lawful basis |
To consider applications for using our products or services |
|
To enter into an agreement with you or your personnel |
|
To perform contractual obligations between AEONTS and you or your personnel as AEONTS’s vendors, dealers, service providers or business partners, including issuing purchase order, purchase requisition or invoice, maintaining records of AEONTS’s vendors, dealers, service providers or business partners, managing relationship (e.g. granting access to AEONTS’s database or AEONTS’s premises), and monitoring and evaluating performance of AEONTS’s vendors, dealers, service providers or business partners |
|
To prevent, detect and investigate fraud, unlawful activity, omission or misconduct, money laundering, financing of terrorism and other illegal actions |
|
To manage risks and undertake internal audit and administration |
|
To legally assign any rights, duties and benefits under relevant agreement between you or your personnel and AEONTS |
|
To comply with legal obligations and law enforcement requests, and to report information to government authorities as required by laws (e.g. anti-money laundering law, tax law, etc.) or upon receiving an order or a writ of attachment from police officers, government authorities or courts. |
|
To establish, comply or exercise the rights to legal claims or defend against the rights to legal claims |
|
To monitor security in and around our head office, regional offices, branches or premises including ID card deposit before accessing such areas, and using CCTV to collect videos of those who contact us at our premises |
|
To facilitate, deal with and/or administer external audit(s) or internal audit(s) for any operations of AEONTS |
|
To store, back up (whether for disaster or otherwise) of your and your personnel’s personal information |
|
AEONTS retains your personal information for as long as is considered necessary for the purpose for which it was collected, used, disclosed or processed as set out in this Privacy Policy Statement. The criteria used to determine our retention periods include: we retain the personal information for the duration we have an ongoing relationship with you; or we may retain the personal information for a longer period as necessary to comply with applicable laws, or to be in accordance with legal prescription, or to establish, comply with or exercise the rights to legal claims or defend against the rights to legal claims, or to be complied with, for any other cause, our internal policies and regulations.
AEONTS may disclose your personal information in certain circumstances, for the purposes set out in this Privacy Policy Statement, to:
5.1 Government authorities, supervising authorities or other authorities as stipulated by laws, including competent official, e.g. courts, police officers, Revenue Department.
5.2 Agencies, contractors/sub-contractors and/or service providers for their implementation and procedure, such as auditors, lawyers, legal advisers, and consultants.
5.3 Assignees of AEONTS’ rights, duties and benefits, including their attorneys, for example in case of transfer of rights and/or obligations under the relevant agreement, corporate restructuring, merger, acquisition, sale of assets, etc.
5.4 Our customers or other third parties as per contractual requirements or legal requirements, as the case may be.
6.1 Your rights under the PDPA
According to the PDPA, you have certain rights relating to your personal information as follows:
(1) Right to Withdraw Consent
You have the right to withdraw consent given to us for collecting, using or disclosing your personal information at any time, unless there is a restriction of the withdrawal of consent by law or the contract which gives benefits to you.
However, the withdrawal of consent shall not affect the collection, use or disclosure of personal information you have already given consent legally. In addition, where you withdraw consent, you may experience less convenience in rendering services, performing tasks or pursuing contractual or business relationship with AEONTS, or may not be able to maintain your status as our vendors, dealers, services providers and business partners.
(2) Right to Access
You have the right to request access to and obtain a copy of your personal information, which is under our responsibility, or to request the disclosure of the acquisition of the personal information obtained without your consent. At our discretion, we may require you to prove your identity before providing the requested information. If you require multiple copies of your personal information, we may charge a reasonable processing fee.
(3) Right to Object
You have the right to object to the collection, use, disclosure or otherwise processing of your personal information on grounds stipulated by law. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process your personal information for the establishment, exercise or defense of a legal claim.
(4) Right to Erasure
You have the right to request AEONTS to erase, destroy or make your personal information become unidentifiable data, under certain circumstances unless we are required to retain your personal information in order to comply with a legal obligation or to establish, exercise or defend legal claims.
(5) Right to Rectification
AEONTS will ensure that your personal information remains accurate, up-to-date, complete, and not misleading. However, if you consider that your personal information is inaccurate or changed, you have the right to request AEONTS to rectify your personal information to be accurate, up-to-date, complete, and not misleading.
6.2 How to exercise your rights
You may exercise the data subject rights listed above via the following channels:
– Privacy setting page (via this website or mobile application)
– Notification setting page (via this website or mobile application)
– Call Center at 02-665-0123 for (1)Right to Withdraw Consent and (5)Right to Rectification
– Other channels as specified in Clause 8 below for your right in Clause 6.1 (2)-(4)
Nonetheless, if we reject your request, we will inform you of the reasons.
6.3 Processing time
AEONTS will process your request within 30 days upon receipt of your valid request together with complete supporting documents. Until then, your personal information will still be unchanged in our database and may still be processed or you may be contacted by us, our partners or those who have retained your personal information as of the date of your request.
7.1 Implementation of Security Measures
AEONTS implements appropriate security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of personal information.
7.2 Disclosure of Personal Information to Data Processor
AEONTS properly supervises third parties to which AEONTS has appointed to process personal information pursuant to our orders or on our behalf.
If you have any questions or inquiries about the protection of your personal information, collection, use or disclosure of your personal information, or exercise of your rights, or have any claims, please contact us at:
AEON Thana Sinsap (Thailand) Public Company Limited and Data Protection Officer (Mr. Takashi Hisae)
Address: 388 Exchange Tower, 27th Floor, Sukhumvit Road, Kwaeng Klongtoey, Khet Klongtoey, Bangkok 10110
Tel: DPO Office 02-302-4656
E-mail: [email protected]
You also have the right to file a complaint with the relevant Personal Data Protection Committee if AEONTS violates or do not comply with the PDPA or other regulations or notifications issued in accordance with the PDPA.
This Privacy Policy Statement applies to the use of website, mobile application and LINE account of AEONTS only. When you link to third party websites via AEONTS Website, the personal information protection shall be in accordance with the privacy policy statement of such third party websites which are not related to AEONTS.
AEONTS regularly reviews and, if appropriate, updates this Privacy Policy Statement from time to time to ensure that your personal information is properly protected. In case of any update to this Privacy Policy Statement, AEONTS will inform you through Privacy Policy Statement on this website, notification on your device or other appropriate methods. Please refer to this page for the updated Privacy Policy Statement.
[Last updated on 1 February 2022]
1.1 AEON Thana Sinsap (Thailand) Public Company Limited (“AEONTS” or “we”) has established and discloses this privacy policy statement (the “Privacy Policy Statement”) as our approach to explain how we, as the data controller, collect, use, disclose or otherwise process personal information of our existing and future shareholders and/or their proxies or representatives, other investors and analysts, or other persons who attend the shareholders’ meetings held by AEONTS and how we protect personal information and properly handle such information once the provisions under the Personal Data Protection Act B.E. 2562 (2019) (the “PDPA”) with respect to the processing of personal information become effective.
1.2 AEONTS recognizes the importance of protecting personal information, and complies with the PDPA and other relevant laws and regulations as well as internal regulations of AEONTS including this Privacy Policy Statement, and AEONTS strives to properly protect and handle personal information.
1.3 AEONTS collects personal information through appropriate and lawful means, and only to the extent necessary to achieve the purpose of utilization. Such collection, use, disclosure or otherwise processing of personal data will be in accordance with the provisions of relevant laws only.
1.4 AEONTS specifies the purpose of collection, use, disclosure or otherwise processing of personal information, and collects such information to the extent necessary in relation to the purpose. In cases where the purpose of collection, use, disclosure or otherwise processing of specific personal information is limited by relevant laws and regulations, AEONTS does not use such personal information beyond such limitations of the purpose. You may find details of purpose of collection, use, disclosure or otherwise processing of personal information in this Privacy Policy Statement.
1.5 AEONTS does not disclose personal information to any third party, except where the person concerned has granted prior consent in that regard, or where disclosure of personal information is based on laws.
1.6 AEONTS takes appropriate security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure, of personal information. When appointing any third party to process personal information on behalf of AEONTS, AEONTS appropriately oversees such third party.
1.7 AEONTS reviews the content of this Privacy Policy Statement as necessary, and strives to bring about continuous improvement such as to our systems and approaches for protecting personal information.
1.8 AEONTS trains and educates our officers and employees regarding the importance of protecting personal information to ensure that they handle the personal information in an appropriate manner.
1.9 AEONTS responds in an appropriate and swift manner to requests for exercising data subject rights, any opinions or requests concerning its collection, use, disclosure or otherwise processing of personal information. Please see relevant details shown in this Privacy Policy Statement or please contact AEONTS at contact details shown below.
2.1 What is personal information?
Personal information means any information relating to an individual, which enables the identification of such individual, whether directly or indirectly,
2.2 Personal information we collect, use, disclose or process
AEONTS collects several types of personal information, including:
– Identity data (for example, name, surname, identification card number, passport number, birthdate, gender, nationality, online identity (e.g. IP address, cookie, device ID)
– Contact data (for example, address, telephone number, email)
– Electronic traffic data (log file) where the meeting is held by electronic means
– Communication data (for example, images, video or voice recordings when attending meetings held by AEONTS)
– Other information (for example, numbers of shares and voting rights, information on proxy form or power of attorney)
2.3 Sources of information
AEONTS may collect your personal information from various sources as follows:
(1) Collect information directly from you, for example:
– Procedures for entering into contract, contract signing, form filling, questionnaires, registrations or submission of claims or requests
– Your communication with us via our contact channels, e.g. telephone, email, etc.
– Automatic system, e.g. when you use our website or application, etc.
(2) Collect information from other sources, for example:
– Thailand Securities Depository Company Limited (TSD)
– Your broker, agent, other investors and analysts, the shareholders or companies that you represent.
AEONTS collects, uses, discloses or processes your personal information for various purposes depending on relationship between you and AEONTS as follows:
Processing purposes | Lawful basis |
To perform contractual obligations between you and AEONTS, to hold shareholders’ meetings, to prepare for and manage the attendance and voting procedures for shareholders’ meeting, to distribute dividends to shareholders, to manage shareholders’ registration under public limited companies law and securities and exchange law, to comply with our internal procedures, to receive and deliver documents between you and AEONTS, including to provide you with shareholder communications such as notices of meetings and relevant enclosures, and to process any proxy forms |
|
To record video or voice when attending the shareholders’ meeting |
|
To comply with legal obligations and law enforcement requests, and to report information to government authorities as required by laws |
|
To manage risks and undertake internal audit and internal administration |
|
AEONTS retains your personal information for as long as is considered necessary for the purpose for which it was collected, used, disclosed or processed as set out in this Privacy Policy Statement. The criteria used to determine our retention periods include: we retain the personal information for the duration we have an ongoing relationship with you; or we may retain the personal information for a longer period as necessary to comply with applicable laws, or to be in accordance with legal prescription, or to establish, comply with or exercise the rights to legal claims or defend against the rights to legal claims, or to be complied with, for any other cause, our internal policies and regulations.
AEONTS may disclose your personal information in certain circumstances, for the purposes set out in this Privacy Policy Statement, to:
5.1 Government authorities, supervising authorities or other authorities as stipulated by laws, including competent official.
5.2 Agencies, contractors/sub-contractors and/or service providers for their implementation and procedure, such as
– Carriers, document storage and destruction service providers, printing house, IT development companies
– Auditors, lawyers, legal advisers, and consultants.
6.1 Your rights under the PDPA
According to the PDPA, you have certain rights relating to your personal information as follows:
(1) Right to Withdraw Consent
You have the right to withdraw consent given to us for collecting, using or disclosing your personal information at any time, unless there is a restriction of the withdrawal of consent by law or the contract which gives benefits to you.
However, the withdrawal of consent shall not affect the collection, use or disclosure of personal information you have already given consent legally.
(2) Right to Access
You have the right to request access to and obtain a copy of your personal information, which is under our responsibility, or to request the disclosure of the acquisition of the personal information obtained without your consent. At our discretion, we may require you to prove your identity before providing the requested information. If you require multiple copies of your personal information, we may charge a reasonable processing fee.
(3) Right to Data Portability
Where AEONTS arranges your personal information to be in the format which is readable or commonly used by ways of automatic tools or equipment, and can be used or disclosed by automated means, you have the right to receive your personal information and are also entitled to:
(a) request us to send or transfer your personal information in such formats to other data controllers if it can be done by the automatic means;
(b) request to directly obtain your personal information in such formats that we send or transfer to other data controllers, unless it is impossible to do so because of the technical circumstances.
(4) Right to Object
You have the right to object to the collection, use, disclosure or otherwise processing of your personal information for direct marketing purposes or on grounds stipulated by law. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process your personal information for the establishment, exercise or defense of a legal claim.
(5) Right to Erasure
You have the right to request AEONTS to erase, destroy or make your personal information become unidentifiable data, under certain circumstances unless we are required to retain your personal information in order to comply with a legal obligation or to establish, exercise or defend legal claims.
(6) Right to Restriction of Processing
You have the right to request AEONTS to restrict the use of your personal information under certain circumstances where you believe such personal information to be inaccurate, our processing is unlawful; or we no longer need to process such personal information for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it.
(7) Right to Rectification
AEONTS will ensure that your personal information remains accurate, up-to-date, complete, and not misleading. However, if you consider that your personal information is inaccurate or changed, you have the right to request AEONTS to rectify your personal information to be accurate, up-to-date, complete, and not misleading.
6.2 How to exercise your rights
You may exercise the data subject rights listed above via the following channels:
– Privacy setting page (via this website or mobile application)
– Notification setting page (via this website or mobile application)
– Call Center at 02-665-0123 for (1) Right to Withdraw Consent and (7) Right to Rectification
– Other channels as specified in Clause 8 below.
Nonetheless, if we reject your request, we will inform you of the reasons.
6.3 Processing time
AEONTS will process your request within 30 days upon receipt of your valid request together with complete supporting documents. Until then, your personal information will still be unchanged in our database and may still be processed or you may be contacted by us, our partners or those who have retained your personal information as of the date of your request.
7.1 Implementation of Security Measures
AEONTS implements appropriate security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of personal information.
7.2 Disclosure of Personal Information to Data Processor
AEONTS properly supervises third parties to which AEONTS has appointed to process personal information pursuant to our orders or on our behalf.
If you have any questions or inquiries about the protection of your personal information, collection, use or disclosure of your personal information, or exercise of your rights, or have any claims, please contact us at:
AEON Thana Sinsap (Thailand) Public Company Limited and Data Protection Officer (Mr. Takashi Hisae)
Address: 388 Exchange Tower, 27th Floor, Sukhumvit Road, Kwaeng Klongtoey, Khet Klongtoey, Bangkok 10110
Tel: DPO Office 02-302-4656
E-mail: [email protected]
You also have the right to file a complaint with the relevant Personal Data Protection Committee if AEONTS violates or do not comply with the PDPA or other regulations or notifications issued in accordance with the PDPA.
This Privacy Policy Statement applies to the use of website, mobile application and LINE account of AEONTS only. When you link to third party websites via AEONTS Website, the personal information protection shall be in accordance with the privacy policy statement of such third party websites which are not related to AEONTS.
AEONTS regularly reviews and, if appropriate, updates this Privacy Policy Statement from time to time to ensure that your personal information is properly protected. In case of any update to this Privacy Policy Statement, AEONTS will inform you through Privacy Policy Statement on this website, notification on your device or other appropriate methods. Please refer to this page for the updated Privacy Policy Statement.
[Last updated on 1 February 2022]
1.1 AEON Thana Sinsap (Thailand) Public Company Limited (“AEONTS” or “we”) including employees, directors, representatives, authorize persons or working on behalf of the persons above. has established and discloses this privacy policy statement (the “Privacy Policy Statement”) as our approach to explain how we, as the data controller, collect, use, disclose or otherwise process personal information of our existing customers and prospect customers and how we protect personal information and properly handle such information once the provisions under the Personal Data Protection Act B.E. 2562 (2019) (the “PDPA”) with respect to the processing of personal information become effective.
1.2 AEONTS recognizes the importance of protecting personal information, and complies with the PDPA and other relevant laws and regulations as well as internal regulations of AEONTS including this Privacy Policy Statement, and AEONTS strives to properly protect and handle personal information.
1.3 AEONTS collects personal information through appropriate and lawful means, and only to the extent necessary to achieve the purpose of utilization. Such collection, use, disclosure or otherwise processing of personal data will be in accordance with the provisions of relevant laws only.
1.4 AEONTS specifies the purpose of collection, use, disclosure or otherwise processing of personal information, and collects such information to the extent necessary in relation to the purpose. In cases where the purpose of collection, use, disclosure or otherwise processing of specific personal information is limited by relevant laws and regulations, AEONTS does not use such personal information beyond such limitations of the purpose. You may find details of purpose of collection, use, disclosure or otherwise processing of personal information in this Privacy Policy Statement.
1.5 AEONTS does not disclose personal information to any third party, except where the person concerned has granted prior consent in that regard, or where disclosure of personal information is based on laws.
1.6 AEONTS takes appropriate security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure, of personal information. When appointing any third party to process personal information on behalf of AEONTS, AEONTS appropriately oversees such third party.
1.7 AEONTS reviews the content of this Privacy Policy Statement as necessary, and strives to bring about continuous improvement such as to our systems and approaches for protecting personal information.
1.8 AEONTS trains and educates our officers and employees regarding the importance of protecting personal information to ensure that they handle customers’ personal information in an appropriate manner.
1.9 AEONTS responds in an appropriate and swift manner to requests for exercising data subject rights, any opinions or requests concerning its collection, use, disclosure or otherwise processing of personal information. Please see relevant details shown in this Privacy Policy Statement or please contact AEONTS at contact details shown below.
2.1 What is personal information?
Personal information means any information relating to an individual, which enables the identification of such individual, whether directly or indirectly,
2.2 Personal information we collect, use, disclose or process
AEONTS collects several types of personal information, including:
– Identity data (for example, name, surname, identification card number, passport number, birthdate, gender, age, employee status and employee code (in case of group insurance product or service), nationality, marital status, and in some cases AEONTS may process sensitive data such as biometric data for face recognition only with your explicit consent or when permitted by law)
– Online identity/Electronic Identifier (for example, IP address, cookie or Software Development Kit (SDK) or similar technologies, device ID)
– Contact data (for example, address, telephone number, email)
– Transaction data (for example, credit card number, member card number, income information, financial statement, data of transaction via AEONTS products or services, credit history, debt payment history, asset information)
– Communication data (for example, images, video or voice recordings when communicating with us)
– Your insurance and insurance policy information (for example, insurance policy number and details, claims information, including other products or services in relation to your insurance)
– Your marketing preferences information and coverage plans which you are interested in
– Insured asset information related to AEONTS products or services (for example, type of assets, value, asset’s owner, asset’s location, vehicle license plate number)
– Sensitive personal data only to the extent necessary for our products or services (for example, religions and blood type information as shown on identification card, your health information, your treatment information and any other sensitive personal data shown in claims records) only with your explicit consent or when permitted by law
2.3 Sources of information
AEONTS may collect your personal information from various sources as follows:
(1) Collect information directly from you, for example:
– Procedures for applications for using our services, contract signing, form filling, questionnaires, registrations or submission of claims or requests
– Your communication with us via our contact channels, e.g. telephone, e-mail, etc.
– Automatic system, e.g. when you use our website or application, etc.
(2) Collect information from other sources, for example:
– Our customers, agents or service providers
– Our group companies or our business partners or Insurance Company.
– Government authorities or other publicly available sources, such as company website, information made available on the internet or social media platforms (e.g. Facebook, Twitter, LinkedIn, etc.), National Credit Bureau Co.,Ltd.,, The Revenue Department , Social Security office (SSO), National Heath Security Office (NSHO) , etc.
AEONTS collects, uses, discloses or processes your personal information for various purposes depending on relationship between you and AEONTS as follows:
Processing purposes | Lawful basis |
1. To consider applications for using our products or services Including customer data verification for credit approval process (e.g credit card and loan approval process) |
|
2. To conduct Know Your Customer (KYC) authentication for verifying customer identity and To conduct electronics Know Your Customer (e-KYC) authentication for verifying customer identity. |
|
3. To suggest products and services, and offer appropriate insurance plans. |
|
4. To use our products or services and comply with our internal procedures (e.g. delivery of documents between you and AEONTS). |
|
5. To enter into an agreement between AEONTS and you or corporate customers of AEONTS as an insurance broker. |
|
6. To provide services or undertake any operation relevant to the insurance policy(ies) that you have with the insurance company(ies) through AEONTS assistance and suggestion (for example, assisting in handling claims according to policy terms and policy renewal, including analysis of information related to the policy and claim records for assisting in negotiating insurance premium with the insurance company(ies) as per your request) |
|
7. To undertake AEONTS’s internal procedures, administration management, risk management, internal audit, receive or deliver documents between you and AEONTS, including storage and back up data and/or documents regarding your insurance policy or the insured’s for AEONTS’s internal administration (for example, insurance policy information, claim information, supporting documents for claim consideration, claim record analytical information) and to undertake AEONTS internal procedures, risk management, internal audit and administration, receive or deliver documents between you and AEONTS, including storage and back up data and/or documents regarding your insurance policy or the insured’s for AEONTS internal administration (for example, insurance policy information, claim information, supporting documents for claim consideration, claim record analytical information) |
|
8. To evaluate, improve and develop our products, services and sales promotion. |
|
9. To comply with legal obligations and law enforcement requests, and to report information to government authorities as required by laws (e.g. Bank of Thailand, Revenue Department, the Office of Insurance Commission) or upon receiving an order or a writ of attachment from police officers, government authorities or courts. |
|
10. To establish, comply or exercise the rights to legal claims or defend against the rights to legal claims. |
|
11. To conduct business planning, reporting, and forecasting |
|
12. To prevent and detect fraud, money laundering, financing of terrorism and other illegal actions |
|
13. To trace and collect debts |
|
14. To legally assign any rights, duties and benefits under contract between you and AEONTS, including transfer or selling of debts or transfer due to securitization |
|
15. To support inspection, investigation or other legal proceedings |
|
16. To monitor security in and around our head office, regional offices, branches or premises, including ID card deposits when entering our premises and using CCTV to collect videos of those who contact in person |
|
17. To manage risks and undertake internal audit and administration |
|
18. To manage our relationship with you, for example to manage claims, to offer benefits without marketing purposes and To manage our relationship with our clients (for example, to manage complaints which includes the complaints against our representatives or any persons acting on behalf of AEONTS) To offer benefits without marketing process. |
|
19. To analyze, research and develop our products and services to meet your requirements |
|
20. To analyze your spending or service using history and your preferences to enhance benefits and offering our products or services available currently and in the future |
|
21. To inform you of benefits and sales promotion for marketing purposes, to send activity invitations, to inform product or service information, including other notifications without marketing purpose |
|
22. To verify customer’s identity for access to AEONTS lounge |
|
23. To disclose to our agencies, contractors/sub-contractors and/or service providers for their implementation and procedure |
|
24. To disclose to our co-branded partners and business partners in order to enhance benefits and offering of existing and developing products or services of AEONTS and our co-branded partners and business partners, and to inform benefits and sales promotion |
|
25. To disclose to our group companies and business partners for marketing purposes, including offering products, services, benefits and other special offers |
|
AEONTS retains your personal information for as long as is considered necessary for the purpose for which it was collected, used, disclosed or processed as set out in this Privacy Policy Statement. The criteria used to determine our retention periods include: (i) we retain the personal information for the duration we have an ongoing relationship with you and provide the service to you; or we may retain the personal information for a longer period as necessary to comply with applicable laws, or to be in accordance with legal prescription, or to establish, comply with or exercise the rights to legal claims or defend against the rights to legal claims, or to be complied with, for any other cause, our internal policies and regulations.
AEONTS may disclose your personal information in certain circumstances, for the purposes set out in this Privacy Policy Statement, to:
5.1 Our subsidiaries, affiliates and any related companies for business purposes, internal management, offering for sale of products or services which you may be interested in, including undertaking any other activity as set out in this Privacy Policy Statement
5.2 Government authorities, supervising authorities or other authorities as stipulated by laws, including competent official, e.g. courts, police officers, Securities and Exchange Commission, Bank of Thailand, Anti-Money Laundering Office, Revenue Department.
5.3 Agencies, contractors/sub-contractors and/or service providers for their implementation and procedure, such as
– Carriers, providers of card issuing or destruction, document storage and destruction service providers, printing house, marketing agency, research companies, IT development companies
– Debt collection service provider (in the case where AEONTS assigns such debt collection service provider for trace and collection procedure and/or legal execution)
– National Credit Bureau Company Limited
– Auditors, lawyers, legal advisers, and consultants
– Data analysis and/or data comparison service provider
5.4 Assignees of AEONTS’ rights, duties and benefits, including their attorneys, for example in case of corporate restructuring, merger, acquisition, sale of assets, debt transferring or selling, securitization, etc.
5.5 Co-branded partners and business partners of AEONTS or other third parties as per your consent or contractual requirements or legal requirements, as the case may be
5.6 Insurance Company.
5.7 Road Accident Victims Protection Company Limited for registering the compulsory insurance policy
It is necessary for AEONTS to send or transfer your personal information internationally in order to develop and support our technology services and/or to provide any related services. We will have your personal information sent or transferred internationally by the most secure method in order to maintain and protect the security of your personal information. In addition, we will make our best efforts to ensure that the recipients of the personal information who are located abroad have adequate personal data protection standards as necessary and appropriate in order to comply with the PDPA.
AEONTS may collect and use cookies and/or similar technologies (e.g. Software Development Kit (SDK)) when you use our products, services, mobile application, website, including conduct financial transactions through Internet Banking.
The collection and use of cookies and/or similar technologies help AEONTS analyze your information, recognize you, remember your preferences and/or behavior when using our products, services, mobile application, website, including when conducting financial transactions through Internet Banking so that we can enhance and develop our ability to provide our products and services that are suitable to your needs.
In addition, AEONTS may use cookies and/or similar technologies for a variety of purposes, e.g. to assist you in using basic functions, to better understand you and give you a better online experience, or to communicate with you more effectively.
8.1 Your rights under the PDPA
According to the PDPA, you have certain rights relating to your personal information as follows:
(1) Right to Withdraw Consent
You have the right to withdraw consent given to us for collecting, using or disclosing your personal information at any time, unless there is a restriction of the withdrawal of consent by law or the contract which gives benefits to you.
However, the withdrawal of consent shall not affect the collection, use or disclosure of personal information you have already given consent legally. In addition, where you withdraw consent, you may experience less convenience in using our products or services, or may not receive our benefits or special offers.
(2) Right to Access
You have the right to request access to and obtain a copy of your personal information, which is under our responsibility, or to request the disclosure of the acquisition of the personal information obtained without your consent. At our discretion, we may require you to prove your identity before providing the requested information. If you require multiple copies of your personal information, we may charge a reasonable processing fee.
(3) Right to Data Portability
Where AEONTS arranges your personal information to be in the format which is readable or commonly used by ways of automatic tools or equipment, and can be used or disclosed by automated means, you have the right to receive your personal information and are also entitled to:
(a) request us to send or transfer your personal information in such formats to other data controllers if it can be done by the automatic means;
(b) request to directly obtain your personal information in such formats that we send or transfer to other data controllers, unless it is impossible to do so because of the technical circumstances.
(4) Right to Object
You have the right to object to the collection, use, disclosure or otherwise processing of your personal information for direct marketing purposes or on grounds stipulated by law. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process your personal information for the establishment, exercise or defense of a legal claim.
(5) Right to Erasure
You have the right to request AEONTS to erase, destroy or make your personal information become unidentifiable data, under certain circumstances unless we are required to retain your personal information in order to comply with a legal obligation or to establish, exercise or defend legal claims.
(6) Right to Restriction of Processing
You have the right to request AEONTS to restrict the use of your personal information under certain circumstances where you believe such personal information to be inaccurate, our processing is unlawful; or we no longer need to process such personal information for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it.
(7) Right to Rectification
AEONTS will ensure that your personal information remains accurate, up-to-date, complete, and not misleading. However, if you consider that your personal information is inaccurate or changed, you have the right to request AEONTS to rectify your personal information to be accurate, up-to-date, complete, and not misleading.
8.2 How to exercise your rights
You may exercise the data subject rights listed above via the following channels:
– Privacy setting page (via this website or mobile application)
– Notification setting page (via this website or mobile application)
– Contact Center at 02-665-0123 for (1)Right to Withdraw Consent and (7)Right to Rectification
– Other channels as specified in Clause 10 below for your right (2)-(6)
Nonetheless, if we reject your request, we will inform you of the reasons.
8.3 Processing time
AEONTS will process your request within 30 days upon receipt of your valid request together with complete supporting documents. Until then, your personal information will still be unchanged in our database and may still be processed or you may be contacted by us, our partners or those who have retained your personal information as of the date of your request.
9.1 Implementation of Security Measures
AEONTS implements appropriate security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of personal information.
9.2 Disclosure of Personal Information to Data Processor
AEONTS properly supervises third parties to which AEONTS has appointed to process personal information pursuant to our orders or on our behalf.
If you have any questions or inquiries about the protection of your personal information, collection, use or disclosure of your personal information, or exercise of your rights, or have any claims, please contact us at:
AEON Thana Sinsap (Thailand) Public Company Limited and Data Protection Officer (Mr. Takashi Hisae)
Address: 388 Exchange Tower, 27th Floor, Sukhumvit Road, Kwaeng Klongtoey, Khet Klongtoey, Bangkok 10110
Tel: DPO Office 02-302-4656
E-mail: [email protected]
You also have the right to file a complaint with the relevant Personal Data Protection Committee if AEONTS violates or do not comply with the PDPA or other regulations or notifications issued in accordance with the PDPA.
This Privacy Policy Statement applies to the sales of products or provision of services and use of website, mobile application and LINE account of AEONTS only. When you link to third party websites via AEONTS Website, the personal information protection shall be in accordance with the privacy policy statement of such third party websites which are not related to AEONTS.
AEONTS regularly reviews and, if appropriate, updates this Privacy Policy Statement from time to time to ensure that your personal information is properly protected. In case of any update to this Privacy Policy Statement, AEONTS will inform you through Privacy Policy Statement on this website, notification on your device or other appropriate methods. Please refer to this page for the updated Privacy Policy Statement.
[Last updated on 12 September 2023]
AEONTS and subsidiaries are committed to combating money-laundering and financing of terrorism and the proliferation of weapons of mass destruction to be complied with the applicable laws and regulation of legal entity and also to be complied with AFS Group’s AML/CFT policy.
We are taking into the account its social responsibility as a financial institution, company and corporate group, considers the prevention of money laundering and terrorist financing to be one of its most important management issues.
In order to prevent of money laundering and terrorist financing, the company wholly or majority-owned or controlled legal entities as a source of money laundering and supporting financial to terrorist and proliferation of weapon of mass destruction implements the AML/CFT/WMD policy as followings:
1.1 AEON Thana Sinsap (Thailand) Public Company Limited (“AEONTS” or “we”) has established and discloses this privacy policy statement (the “Privacy Policy Statement”) as our approach to explain how we, as the data controller, collect, use, disclose or otherwise process personal information of our employees (including our outsourced staffs) and ex-employees, including family members, contact persons, reference persons, guarantors, associates and other related persons of our employees and ex-employees, and how we protect personal information and properly handle such information once the provisions under the Personal Data Protection Act B.E. 2562 (2019) (the “PDPA”) with respect to the processing of personal information become effective.
1.2 AEONTS recognizes the importance of protecting personal information, and complies with the PDPA and other relevant laws and regulations as well as internal regulations of AEONTS including this Privacy Policy Statement, and AEONTS strives to properly protect and handle personal information.
1.3 AEONTS collects personal information through appropriate and lawful means, and only to the extent necessary to achieve the purpose of utilization. Such collection, use, disclosure or otherwise processing of personal information will be in accordance with the provisions of relevant laws only.
1.4 AEONTS specifies the purpose of collection, use, disclosure or otherwise processing of personal information, and collects such information to the extent necessary in relation to the purpose. In cases where the purpose of collection, use, disclosure or otherwise processing of specific personal information is limited by relevant laws and regulations, AEONTS does not use such personal information beyond such limitations of the purpose. You may find details of purpose of collection, use, disclosure or otherwise processing of personal information in this Privacy Policy Statement.
1.5 AEONTS does not disclose personal information to any third party, except where the person concerned has granted prior consent in that regard, or where disclosure of personal information is based on laws.
1.6 AEONTS takes appropriate security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure, of personal information. When appointing any third party to process personal information on behalf of AEONTS, AEONTS appropriately oversees such third party.
1.7 AEONTS reviews the content of this Privacy Policy Statement as necessary, and strives to bring about continuous improvement such as to our systems and approaches for protecting personal information.
1.8 AEONTS trains and educates our officers and employees regarding the importance of protecting personal information to ensure that they handle personal information of data subject under this Privacy Policy Statement in an appropriate manner.
1.9 AEONTS responds in an appropriate and swift manner to requests for exercising data subject rights, any opinions or requests concerning its collection, use, disclosure or otherwise processing of personal information. Please see relevant details shown in this Privacy Policy Statement or please contact AEONTS at contact details shown below.
2.1 What is personal information?
Personal information means any information relating to an individual, which enables the identification of such individual, whether directly or indirectly,
2.2 Personal information we collect, use, disclose or process
AEONTS collects several types of personal information, including:
– Identity data (for example, name, surname, identification card number, passport number, birth date, gender, nationality).
– Contact data (for example, address, telephone number, email)
– Financial data (for example, bank account, credit bureau, anti-money laundering information)
– Information relevant to your work such as working details, work permit details, work performance evaluation, leave information, information about your use of our information and communication systems Work performance related information (for example, working details, work performance evaluation, test score, and in some cases, AEONTS may process sensitive data such as biometric data health data, religion as shown in your identification card, and criminal record only with your explicit consent or when permitted by law)
– Personal information of your family members to the extent that is necessary for your employment benefits
– Information obtained through video and voice recordings during your work performance such as images caught on CCTV, voice recordings during conversation with customers or other third parties
2.3 Sources of information
AEONTS may collect your personal information from various sources as follows:
(1) Collect information directly from you, for example:
– Our internal process for your employment contract, when you sign employment contract, and employee insurance and benefit claims processes.
– Your communication with us via our contact channels, e.g. telephone, e-mail, etc.
– AEONTS online system, e.g. when you use our website or internal system, etc.
(2) Collect information from other sources, for example:
– Government authorities such as Royal Thai Police, Anti-money Laundering Office, and court.
– Hospital that performs health checkup for new employees.
– From your employer (for outsourced staffs).
AEONTS collects, uses, discloses or processes your personal information for various purposes depending on relationship between you and AEONTS as follows:
Processing purposes | Lawful basis |
To perform any relevant procedures for our employment contract with you including all agreements related to employment such as Non-disclosure agreement, etc. |
|
To perform our duties under employment contract and other processes related to the employment contract such as salary payment, employee data records, [hiring disability employees], generating reports for all types of leaves, work performance evaluation, probation evaluation and confirmation, provident fund applications and fund-related information management, parking permit, etc. |
|
To comply with our legal or regulatory obligations and law enforcement request, and to report information to government authorities as required by laws, e.g. Revenue Department, Social Security Office, Department of Labour Protection and Welfare, or upon receiving an order or a writ of attachment from police officers, government authorities or courts, etc. |
|
For you to perform obligations under employment contract as the employee of AEONTS including using your vein scan to ensure the information and system security of AEONTS for your performance under employment contract |
|
To administer matters relating to your health and insurance such as providing health checkup, health insurance, other insurance and insurance claim, etc. |
|
To provide trainings for employees as agreed or determined in the employment contract and company policy, regulations, or work rules |
|
To monitor security in and around our head office, regional offices, branches or premises through CCTV system |
|
To support your loan and/or credit card application by providing your employment status to a commercial bank |
|
To manage and resolve any complaints regarding performance under employment contract including detection, investigation, or other legal process |
|
To establish, comply or exercise the rights to legal claims or defend against the rights to legal claims |
|
To maintain your records after your employment with us ended as our future reference for your re-application |
|
To disclose to our customers, vendors or other third parties due to the rights and obligations for work performance under employment contract |
|
To disclose to our agencies, service providers or sub-contractors for any operations of AEONTS |
|
AEONTS retains your personal information for as long as is considered necessary for the purpose for which it was collected, used, disclosed or processed as set out in this Privacy Policy Statement. The criteria used to determine our retention periods include: (i) we retain the personal information for the duration we have an ongoing employment relationship with you; or we may retain the personal information for a longer period as necessary to comply with applicable laws, or to be in accordance with legal prescription, or to establish, comply with or exercise the rights to legal claims or defend against the rights to legal claims, or to be complied with, for any other cause, our internal policies and regulations.
AEONTS may disclose your personal information in certain circumstances, for the purposes set out in this Privacy Policy Statement, to:
5.1 Government authorities, supervising authorities or other authorities as stipulated by laws, including competent official, e.g. courts, police officers, Social Security office, Revenue Department, Immigration Bureau, Ministry of Commerce, Student Loan Fund.
5.2 AEONTS parent company in Japan for internal administrative purposes such as handling employees’ complaint.
5.3 Our customers, vendors or other third parties due to the rights and obligations for work performance under employment contract.
5.4 Agencies, contractors/sub-contractors and/or service providers for their implementation and procedure such as document storage and destruction service providers, printing house, IT development companies, auditor, lawyer, consultants, etc.
5.5 External training institutes.
5.6 Banks or credit card companies expected to have a legal relationship with you.
5.7 Hospital for your annual health checkup.
5.8 Insurance companies.
5.9 Provident fund management company.
6.1 Your rights under the PDPA
According to the PDPA, you have certain rights relating to your personal information as follows:
(1) Right to Withdraw Consent
You have the right to withdraw consent given to us for collecting, using or disclosing your personal information at any time, unless there is a restriction of the withdrawal of consent by law or the contract which gives benefits to you.
However, the withdrawal of consent shall not affect the collection, use or disclosure of personal information you have already given consent legally. In addition, where you withdraw consent, you may experience less convenience in working with AEONTS, or may not receive employees’ benefits or special offers.
(2) Right to Access
You have the right to request access to and obtain a copy of your personal information, which is under our responsibility, or to request the disclosure of the acquisition of the personal information obtained without your consent. At our discretion, we may require you to prove your identity before providing the requested information. If you require multiple copies of your personal information, we may charge a reasonable processing fee.
(3) Right to Data Portability
Where AEONTS arranges your personal information to be in the format which is readable or commonly used by ways of automatic tools or equipment, and can be used or disclosed by automated means, you have the right to receive your personal information and are also entitled to:
(a) request us to send or transfer your personal information in such formats to other data controllers if it can be done by the automatic means;
(b) request to directly obtain your personal information in such formats that we send or transfer to other data controllers, unless it is impossible to do so because of the technical circumstances.
(4) Right to Object
You have the right to object to the collection, use, disclosure or otherwise processing of your personal information on grounds stipulated by law. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process your personal information for the establishment, exercise or defense of a legal claim.
(5) Right to Erasure
You have the right to request AEONTS to erase, destroy or make your personal information become unidentifiable data, under certain circumstances unless we are required to retain your personal information in order to comply with a legal obligation or to establish, exercise or defend legal claims.
(6) Right to Restriction of Processing
You have the right to request AEONTS to restrict the use of your personal information under certain circumstances where you believe such personal information to be inaccurate, our processing is unlawful; or we no longer need to process such personal information for a particular purpose, but where we are not able to delete the data due to a legal or other obligation or because you do not want us to delete it.
(7) Right to Rectification
AEONTS will ensure that your personal information remains accurate, up-to-date, complete, and not misleading. However, if you consider that your personal information is inaccurate or changed, you have the right to request AEONTS to rectify your personal information to be accurate, up-to-date, complete, and not misleading.
6.2 How to exercise your rights
You may exercise the data subject rights listed above via the following channels:
- SAP SuccessFactors System of the Company (for consent withdrawal)
- Channels specified in Clause 8 below.
Nonetheless, if we reject your request, we will inform you of the reasons.
In addition, outsource staffs may withdraw their consent by notifying head of section in charge of your outsourcing contract.
6.3 Processing time
AEONTS will process your request within 30 days upon receipt of your valid request together with complete supporting documents. Until then, your personal information will still be unchanged in our database and may still be processed or you may be contacted by us, our partners or those who have retained your personal information as of the date of your request.
7.1 Implementation of Security Measures
AEONTS implements appropriate security measures for preventing unauthorized or unlawful loss, access to, use, alteration, correction or disclosure of personal information.
7.2 Disclosure of Personal Information to Data Processor
AEONTS properly supervises third parties to which AEONTS has appointed to process personal information pursuant to our orders or on our behalf.
If you have any questions or inquiries about the protection of your personal information, collection, use or disclosure of your personal information, or exercise of your rights, or have any claims, please contact us at:
AEON Thana Sinsap (Thailand) Public Company Limited and Data Protection Officer (Mr. Takashi Hisae)
Address: 388 Exchange Tower, 27th Floor, Sukhumvit Road, Kwaeng Klongtoey, Khet Klongtoey, Bangkok 10110
Tel: DPO Office 02-302-4656
E-mail: [email protected]
You also have the right to file a complaint with the relevant Personal Data Protection Committee if AEONTS violates or do not comply with the PDPA or other regulations or notifications issued in accordance with the PDPA.
This Privacy Policy Statement applies to the use of website, mobile application and LINE account of AEONTS only. When you link to third party websites via AEONTS Website, the personal information protection shall be in accordance with the privacy policy statement of such third party websites which are not related to AEONTS.
AEONTS regularly reviews and, if appropriate, updates this Privacy Policy Statement from time to time to ensure that your personal information is properly protected. In case of any update to this Privacy Policy Statement, AEONTS will inform you through Privacy Policy Statement on this website or other appropriate methods. Please refer to this page for the updated Privacy Policy Statement.
[Last updated on 1 February 2022]