Privacy Policy

Sprout Solutions (Thailand) Limited
Policy relating to Personal Data Protection for Customers

Privacy Policy for Customers

Sprout Solutions (Thailand) Limited (hereinafter the “Company”) aims to protect your Personal Data as you are the Company’s customer. Your Personal Data will be rotected under the Thai Personal Data Protection Act BE 2562. The Company as the Data Controller has the legal duty to inform you via this document of the Company’s purpose to collect, use, and/or disclose Personal Data, including to inform you of your rights as the data subjects. The contents are as follows: Definitions In this privacy policy, the following terms shall have the following meanings:

Definitions

In this privacy policy, the following terms shall have the following meanings:

Categories of Personal Data collected by the Company

Source of Personal Data

The Company may obtain Personal Data directly from you. For instance, you may browse the Company’s website and provide such Personal Data via the Company’s website, or when you provide such Personal Data via prepared channels, such as phone calls, other of the Company’s documents or forms, and communication applications. The Personal Data may also be directly obtained when you submit documents which contain Personal Data relating to you when you enter into a contract or a transaction with the Company, when you purchase goods or services from the Company, or when you submit opinions or request to the Company, and so on.

The Company may receive Personal Data from other sources, such as from the public authorities, business partners, or other reliable websites, and so on.

Purpose of Processing Personal Data

The Company has the following purposes and lawful basis for the collection, use, and/or disclosure of Personal Data as follows:

Disclosure of Personal Data

The Company shall only disclose your Personal Data under the informed purposes to individuals or agencies are as follows:
  •  The Company may disclose your information to the employees of affiliated companies as necessary for the purpose of Processing the data on the basis which you have been previously informed;

  • Service provider who acts as a Data Processor which the Company has designated or hired for the purpose of managing or Processing the data for the Company in various services, such as human resource management, information technology services, or other services relating to the operation of the Company, or services which may benefit you;

  •  Government agencies, regulators, or other agencies with legitimate power, including officials or responsible agencies with power or duties under the laws, such as the Revenue Department, Social Security Department, Department of Business Development, Personal Data Protection Committee, National Police Department, the courts, police departments, Bank of Thailand, and hospitals, and so on;

  • Suppliers, contractors, or contracting parties of the Company relating to the Company businesses;

  •  State enterprises or private agencies, such as banks, financial institutions, insurance companies, and hospitals and so on;

  •  The Company’s consultants, such as external auditors, trainers or speakers, lawyers or legal consultants;

  •  Other persons or agencies to whom you have given consent to disclose your Personal Data

Retention Period in Storing Personal Data

The Company will collect your Personal Data for as long as necessary for the purposes which the Company has informed you, or other purposes listed on this policy. In the case where your relationship with the Company as the customer ends, or where services and transactions no longer occur between you and the Company, the Company will retain your Personal Data for the duration which the law has provided, in accordance with legal prescription, or for a period designated by public agencies, or for the purpose of establishing legal claims. After the expiration of the retention period of Personal Data, the Company shall proceed to erase, destroy, or anonymise such Personal Data.

Link to Third Parties Website Disclaimer

The Company’s website may contain links to other websites owned by outside persons, and such persons may collect your data. The Company cannot be responsible for the safety and security of any Personal Data collected by other websites. You should examine the privacy policy of the websites and goods and services offered by such websites with utmost scrutiny.

The Rights of Data Subject

As a Data Subject, you have the rights to request the Company to use your Personal Data within the scope of the laws as follows:
  •  You have the right to access your Personal Data and the right to request for a copy of your Personal Data being controlled by the Company or request the Company to inform any acquisitions of Personal Data in which consent has not been given;

  •  You have the right to amend your Personal Data to make the information accurate, upto-date, and not misleading. In the case where you foresee that such data is inaccurate, outdated, incomplete, or may cause misunderstanding;

  •  You have the right to withdraw your consent given to the Company for the purpose of collecting, using, and disclosing your Personal Data at any moment, except in the case where such withdrawal is limited by the law, or a contract which benefits you, such as in the case where you are the Company’s debtor or bound by any legal obligations towards the Company. In any case, your withdrawal of consent may make it impossible for you to receive services or engage in transactions with the Company, or may reduce the efficiency of the services to be received from the Company;

  • You have the right to receive the Personal Data concerning yourself from the Company. In which the Company shall arrange such Personal Data to be in the format which is readable or commonly used by ways of automatic tools or equipment and can be used or disclosed by automated means. You are also entitled to request the Company to send or transfer the Personal Data in such formats to other Data Controllers if it can be done by the automatic means or entitled to request to directly obtain the Personal Data in such formats that the Company sends or transfers to other Data Controllers unless it is impossible to do because of the technical circumstances;

  •  You have the right to object the Processing of your Personal Data at any moment in the following cases:

    • Such Personal Data is collected for the purpose of the Company’s public tasks or for the Company’s necessary legitimate interest;

    •  Such Personal Data is being used for the purpose of direct marketing; or

    • Such Personal Data is being processed for the purpose of scientific, historic,

    • or statistic study, except in the case where such Processing is done for the benefit of the Company’s public task;

    • You have the right to request the Company to erase or destroy or anonymise Personal Data to be non-identifiable data in some cases;

    •  You have the right to request the Company to temporarily restrict the use of your Personal Data in the following cases:
      • Where the Company is in the process of investigating in accordance with your request to amend your Personal Data;

      • When such Personal Data which shall be erased or destroyed because it has been unlawfully collected, used, and/or disclosed, but you request for restriction of the use instead;

      • When such Personal Data is no longer necessary for the Company to retain, but you have provided contrary intention for the Company to instead retain such data for the establishment, compliance, exercise or defense of legal claims; or

      •  In the case where you exercise your right to object the Processing of data and the Company is conducting an investigation to comply with your request; or

      •  You have the right to lodge a complaint to the Personal Data Protection Committee under the Personal Data Protection law in the case where the Company, its employees, employers, or the Data Processors violate or fail to comply with the Personal Data Protection Act BE 2562.
In any case, the Company reserves the right to consider whether to comply with your requests and conduct the procedures under the Personal Data Protection Act BE 2562.

Data Security Measures in Storing Personal Data

The Company recognised the importance of maintaining the security of your Personal Data. Therefore, the Company has designated a proper security measure for protecting your Personal Data to prevent loss, access, destruction, usage, modification, correction, or disclosure by unauthorised persons in order to comply with the policy and/or code of conduct in maintaining the Company’s information security. The Company will organise a security measure for Personal Data, which encompasses management, technical, and physical measures in controlling the use of Personal Data. Such measures shall include at least the following conducts:
  • Implementing access control of the Personal Data and equipment used for storing and Processing Personal Data, with utmost consideration given to practical usage and security;

  •  Determining permissions or right to access the Personal Data;

  • Managing the access of users in order to ensure that only authorised persons can access the Personal Data;

  • Establishing duties for users in order to prevent unauthorised access, disclosure, acknowledgment, or copy of Personal Data, including stealing of Personal Data storage equipment; and

  • Organising a method for traceable access, modification, erasure, and transfer or Personal Data to be suitable for the methods and media under which the data has been collected, used, or disclosed.

Revision of Privacy Policy

This privacy policy is created for the purpose of informing details and methods to secure your Personal Data. The Company may occasionally partly or wholly modify this policy in accordance with changing laws, rules, and regulations. Thus, it is best that you keep yourself updated to any changes.

Contact Information

If you have any questions or wish to contact the Company for further information concerning the Processing of your Personal Data, including your rights as the data subject under this policy, or wish to report illegitimate use of your Personal Data, you may contact the Company via the following channels:

Sprout Solutions (Thailand) Limited

5 Soi Pipat Silom Bangkok 10500 Email: [email protected] Phone: +66 2 401 9250

Data Protection Officer

Email: [email protected] Phone: +66 2 401 9250
Scroll to Top