Thaivivat Insurance Public Company Limited (“the Company”) and/or its affiliates have provided this Privacy Policy for customers who access the website or apply the service of the Company and/or its affiliates to acknowledge the guidance and personal data management of the Company and/or its affiliates. The collection, usage and disclosure of personal data of such customers are to be in line with laws, regulations and rules relevant to personal data protection with the following details:
Personal Data denotes the data of an individual who can be identified both directly or indirectly but not including the information of the deceased such as name, surname, age, date of birth, telephone number, identification number and/ or any data required by the law etc.
Sensitive Data denotes the data of a particular person which is sensitive and presents significant risks to the person’s fundamental rights and freedoms such as racial, ethnic origin, political opinions, religious or philosophical beliefs, data concerning health, disability etc.
Data Subject denotes the individual that the data refers to
Data Processing denotes any operation or set of operations performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, utilize, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
Application denotes program or sets of orders used to control the work of mobile computing and its components to work as per the order and satisfy the needs of the customers. The application would consist of User Interface or UI as the medium
IP Address denotes a numeric identifier of each devices such as computer or printer which uses internet protocol
Cookies denotes small computer data that websites of the Company and/or its affiliates send to other computers or electronic devices connected to internet in order to collect a data log of your internet usage or your behavior while visiting our website. Cookies would be sent to the origin website every time you visit the website.
The Company and/or its affiliates would collect your own personal data provided by you or personal data that provided for any services or managements of the Company and/or its affiliates by following channels:
The Company and/or its affiliates may receive your personal data from the following channels:
2.1) When the Company and/or its affiliates directly receive your personal data the Company and/or its affiliates would collect and store your personal data from the step of services as below:
2.1.1) Procedures of applying for insurance or claims, any service with the Company and/or its affiliates via the Company and/or its affiliates’ website or documentation from any insurance application or services
2.1.2) From voluntarily taking survey, attending any activities, email correspondence or any communication between you and the Company and/or its affiliates
2.1.3) From visiting websites or access to the Company and/or its affiliates’ website via your Browser’s Cookies
2.1.4) From your contact both telephone call and/or email
2.1.5) From recruitment, recruitment guarantee and any relevant transactions
2.2) The Company and/or its affiliates would receive your personal data from the following third party:
2.2.1) Agent / General Insurance Broker
2.2.2) Affiliate
2.2.3) Medical Center, garage, contracted dealer, surveying company and any service providers relevant to the Company and/or its affiliates’ non-life insurance products
2.2.4) Government Agency or any regulators empowered by the laws such as the Office of Insurance Commission (OIC), the Anti-Money Laundering Office (AMLO), the Office of the National Anti-Corruption Commission (NACC), the Revenue Department, police station, District Office or the Bureau of Registration Administration (BORA), Land Office, medical center, the Department of Land Transport (DLT), Province Transport Office, organization, person or any juridical person empowered by the laws to collect your personal data and disclose to the Company and/or its affiliates.
2.2.5) Any General Insurers
2.2.6) The Stock Exchange of Thailand and Thailand Securities Depository Co., Ltd.
2.2.7) Employment Service Provider
The Company and/or its affiliates would aim to collect, utilize and disclose the personal data with the following purposes:
3.1) To consider the underwriting, claims and benefit payment according to insurance contract and any services as insurer to improve the Company and/or its affiliates’ insurance products and services, including products or service launched in the future and utilize the details of products and services utilized by you for processing and offering products and services that you might additionally be interested in throughout supervision, maintenance and management regarding the such service
3.2) To manage the relationship between you and the Company and/or its affiliates and to communicate, inform and/or receive news from the company and/or its affiliates or any amendments of the Company and/or its affiliates
3.3) To confirm and/or identify your own identity to access services through any channels or communicate with the Company and/or its affiliates
3.4) To proceed as per your intentions which are given to the Company and/or its affiliates.
3.5) To propose benefits and/or services of the Company and/or its affiliates such as advising and/or proposing the products and services, including promotions and any transactions about the Company and/or its affiliates’ services.
3.6) To analyze and understand customer website usage behavior so that the Company and/or its affiliates would develop and improve the Company and/or its affiliates’ website to be more convenient and efficient from such findings.
3.7) To operate the business of the Company and/or its affiliates such as data analysis, data inspection, new product development, service improvement or amendment, service analysis, sale promotion survey, the consideration of the Company and/or its affiliate management and expansion
3.8) To proceed with necessary and suitable works as follows:
a) Inspect and prevent the violation against the laws
b) Respond to the request of the government or government agencies including international government where the data subject is residing
c) Enforcing the rules on services providing and the privacy policies
d) Protect the Company and/or its affiliates’ business
e) Protect the privacy rights, security and assets of the Company and/or its affiliates, personnel, data subject or any other persons
f) Remedy, protect or limit the damages that may occur
3.9) To act in accordance with the laws, investigation of the officers or the supervising agency to act in accordance with the rules, regulations or relevant laws such as the compliance with laws and requirement, regulations and contracts (including service conditions of the Company and/or its affiliates)
3.10) Communication related to service, service providing or customer care, quality control of services provided
3.11) Security of network and data
3.12) Research and development, website user experience improvement
3.13) Acquisition, amalgamation or organization restructuring
3.14) Marketing event participation etc.
Other purposes which are not specified, you would be informed when the Company and/or its affiliates would collect your personal data.
Whenever the Company and/or its affiliates have received your personal data, the Company and/or its affiliates would collect, utilize or disclose such personal data only under the purposes specified in no. 3 with the following conditions:
When receiving such personal data from mentioned sources of personal data, the Company and/or its affiliates would perform the following actions:
4.1) Collection: The Company and/or its affiliates would collect your personal data under the purposes in no. 3)
4.2) Usage: The Company and/or its affiliates would utilize your personal data under the purposes in no. 3). In some cases, to propose product offerings and services, the Company and/or its affiliates would have to collect sensitive personal data by explicitly requesting your consent from you to operate as per the company and/or its affiliates’ purpose.
Apart from the aforementioned purposes and under the law, the Company and/or its affiliates would utilize the personal data for the purpose of marketing such as to send promotion documents via the post, e-mail or any other methods including the direct marketing. This is to provide additional benefits to the data subject who is the customer of the Company and/or its affiliates.
You are able to opt out of the communication for the purpose of marketing except the necessary communication related to services provided by the Company and/or its affiliates.
4.3) Disclosure: The Company and/or its affiliates would disclose your personal data under the purposes in no. 3) to the following persons and organizations:
4.3.1) Permitted insurance brokers, agents, financial advisors and/or investment advisors to sell products and services of the Company and/or its affiliates.
4.3.2) Counterparty, business alliance, subsidiary and/or external service providers to offer you the privilege or any services of the Company and/or its affiliates. This includes developing and improving the products or services of the Company and/or its affiliates such as data analysis, data processing, credit card operation, IT and related infrastructure preparation, customer service platform, email/SMS sending, mobile application development, customer satisfaction survey and research, customer relationship management where Non-Disclosure Agreement will be provided. In case of juridical person, the Company and/or its affiliates are required to have appropriate personal data protection measures.
4.3.3) Government or its organization or any other agencies as per the law in order to act in accordance with the laws, orders, requests to coordinate with the agencies for the law relevant matters such as the Company and/or its affiliates would have to submit your personal data to Credit Bureau to verify and would utilize results from such verification to prevent any frauds etc.
4.3.4) External persons who are the counterparty of the Company and/or its affiliates both in Thailand or Foreign Countries such as Cloud Computing service, registrars, sales promotion service, research service, IT developer provided to the Company and/or its affiliates
4.3.5) External persons were given the consent by you or disclose for any transactions and/or services to be in line with your purposes
The Company and/or its affiliates would only collect the privacy data as necessary in the appropriate format for each data type. The Company and/or its affiliates would identify the purpose and the necessity to collect and process the data that also be in accordance with required Personal Data Protection Act. The Company and/or its affiliates would collect the personal data for a period after the agreement has expired and would be in accordance with the period and prescription of laws. The Company and/or its affiliates would have a suitable location to collect the personal data for each type. The Company and/or its affiliates would have to collect the personal data even if the prescription has expired such as when there is a case etc.
To ensure that the management of the Company and/or its affiliates prevent the risk which would occur to the personal data from illegal access, information leakage, modification and loss of data, the Company and/or its affiliates would act in accordance with the international standard in securing the information technology and would continuously manage the business in accordance with the laws, requirements, regulations required by Government Regulator.
The Company and/or its affiliates would have the protection measures for privacy of data subject by limiting the accessibility to the personal data. The company and/or its affiliates would only allow the responsible person for proposing the service of the Company and/or its affiliates such as employees, agents, financial advisors, and investment advisors of the company and/or its affiliates. The person who are authorized to access the data would strictly act in accordance with the preventive measures and would keep the data confidential. The company and/or its affiliates would keep both physical and electronic forms of data secure in accordance with the measures.
When the company and/or its affiliates would enter into the contract or agreement with third party, the Company and/or its affiliates would define the security measures and confidentiality of personal data appropriately to ensure that your personal data that the Company and/or its affiliates is responsible for would be secured in line with the defined security measures of the Company and/or its affiliates.
You have the right to take the following actions:
7.1) Right to Withdraw Consent: You would have the right to withdraw the consent for processing your own personal data that consented to the Company and/or its affiliates throughout the retention period of you own personal data collected by Company and/or its affiliates. The withdrawal of consent would not impact on data collection, usage or disclosure of your own personal data consented to the Company and/or its affiliates.
7.2) Right to be Informed: You would have the right to acknowledge the existing and type of personal data, objective of personal data using of the Company and/or its affiliates.
7.3) Right of Access: You would have the right to access your own personal data and to request the Company and/or its affiliates make a copy of your own personal data for you. This includes requesting the Company and/or its affiliates to disclose the acquisition of personal data that you would not give the consent.
7.4) Right to Rectification: You would have the right to request the Company and/or its affiliates to revise or amend your personal data to be up-to-date, complete, and not lead to misunderstanding.
7.5) Right to Erasure: You would have the right to request the Company and/or its affiliates to delete or destroy your own personal data or the data to be unidentifiable.
7.6) Right to Restriction of Processing: You would have the right to suspend using your own personal data for certain given reasons.
7.7) Right to Data Portability: You would have the right to transfer your own personal data provided to the Company and/or its affiliates to any data controllers or by your own in case that the Company and/or its affiliates would alter the personal data to be easily read or used via the automatic equipment or tools and would utilize the or disclose the data automatically.
7.8) Right to Object: You would have the right to object the Company and/or its affiliates to collect, utilize or disclose your own personal data including having the right to object the processing of your own personal data for some reason.
You would contact Personal Data Protection Officer of the Company and/or its affiliates in order to submit the application to take the mentioned rights (contact details would be seen in the topic of “Contact Channel” as below). The Company and/or its affiliates would consider and notify the consideration results to you by 30 days from the receiving date.
However, the Company and/or its affiliates would deny your personal data rights as required by the Law, especially deny deleting, destroying, changing the form of the data into an anonymous data in the case of the Company and/or its affiliates would have necessary to utilize your personal data or establish the legal claims compliance with or exercising legal claims or lift up to fight the claims of the company or to comply with the laws or any requirements as required by the laws.
To delete, destroy or change the form of the data into an anonymous data or to withdraw the consent would be done under the laws and agreements only. Such utilization of rights would have an impact on the performance of the agreements or services as the data subject would be anonymous. There would be limitations and would cause the data subject not receive benefits and news from the Company and/or its affiliates.
The Company and/or its affiliates would utilize Cookies Software or any resemble software to collect your data usage and gather the statistics research, trend analysis in order that the Company and/or its affiliates would perform better, faster and more secured services. To ensure your privacy when applying such services and/or accessing through the Company and/or its affiliates’ platform the Company and/or its affiliates would automatically memorise and record the type of browser when you access to the Company and/or its affiliates’ website which following data would include:
The mentioned data would be collected for analyzing and apprising the website visiting or internet accessing via internet for following cases:
You would manage and delete Cookies Program via your browser or device setting. For additional data about the mentioned methods, please see the contents of browser and device setting assistance.
Website of the Company and/or its affiliates would connect to third party’s websites which might be different from the Company and/or its affiliates’ Privacy Policy, the Company and/or its affiliates would like you to study Privacy Policy of such websites thoroughly understand personal data protection and to consider the personal data disclosure. The Company and/or its affiliates would not take the responsibility to the content, policy, damage or any actions from third party’s website.
The Company and/or its Affiliates would consider to review the Privacy Policy to be compliance with relevant guidelines and regulated laws. In case of the amendment of Privacy Policy, the Company and/or its affiliates would inform you about the amendment via the Company and/or its Affiliates’ website. You would see the mentioned amendment at https://www.thaivivat.co.th/th/policy_privacy.php which the Company and/or its Affiliates’ Privacy Policy is latest up-to-date on 13 November 2020.
In case of any queries about Privacy Policy of the Company and/or its affiliates, data collected by the Company and/or its affiliates or would utilize any right as per Personal Data Protection Law mentioned in No. 7), you would contact:
Name: | Thaivivat Insurance Public Company Limited |
Contact Place: | 71 Dindaeng Road, (Kwaeng) Samsen Nai, (Khet) Phayathai, Bangkok 10400 |
Contact Channel: | Call Center Number 1231 www.thaivivat.co.th |
Furthermore, you would contact Personal Data Protection Officer with following channel:
Contact Place: | Headquarter Office, 71 Dindaeng Road, (Kwaeng) Samsen Nai, (Khet) Phayathai, Bangkok 10400 |
Contact Channel: | Telephone Number: 02-6950800 dpo@thaivivat.co.th |