Privacy Center
Personal Data Protection Policy (Revised version 2021) |
Guidelines on Personal Data Protection Policy (Revised version 2021) |
Cookies Policy |
Data Subject Right Requests |
Guidelines on Personal Data Protection Policy (Revised version 2021) Dated 1 April 2021>
Chapter 2 Personal Data of Customers in the Petrochemical Business Unit
Chapter 2 Personal Data of Customers in the Petrochemical Business Unit
Guidelines on Personal Data Protection Policy of IRPC Public Company Limited
(Revised version 2021) Dated 1 April 2021
Chapter 2
Personal Data of Customers in the Petrochemical Business Unit
2.1 Your Personal Data Collected by the Company
Your personal data the Company has collected, used or disclosed shall include but not limited to the following personal data:
1)
Personal data such as name-last name, name title, nickname, gender, ID number, passport number, tax ID number, position, nationality, age, username account, including other sensitive personal data such as religion, race and health data whereby the Company has been granted with your consent according to relevant law or when deemed necessary as required by law.
2)
Contact data such as address, telephone number, mobile phone number, e-mail
3)
Financial data such as savings account number, transaction data, credit card number
4)
Other personal data such as data of family member, data relating to the use of IT system and other websites of the Company, CCTV recording, voice recordings from meetings
However, the Company has no intention to collect and process personal data of a minor under 10 years of age. Nonetheless, if you are a minor under 10 years of age or a quasi- incompetent or an incompetent who intends to gain access to the website, make inquiry about any products or services and must provide your personal data to the Company, your legal guardian or curator can proceed with such matters on your behalf and he/ she can give his/ her consent to the Company to proceed as such. In a case that the Company has found out that your personal data has been collected without the consent of your legal guardian or curator, the Company is entitled to reject any proceedings as per your request and shall delete your personal data except in a case that the processing of your personal data can depend on other legal bases which allow for the exception of the informed consent.
2.2 Sources of Personal Data
The Company may collect your personal data as you directly provide your personal data to the Company such as providing your personal data to the Company via registration on the Company’ s IT system, exchange of name card, request for details of the Company’ s products or services via the Company’ s website or other electronic channels etc. In addition, the Company may acquire your personal data from other sources such as from sales representatives of other business groups of the Company, business partners or associated companies, customers or representatives referred by the Company etc.
2.3 Objectives of the Collection, Use or Disclosure of Personal Data Under Legal Basis
The Company shall collect, use or disclose your personal data to achieve various objectives under legal basis as follows:
1)
Contract basis: To contact or provide details of products or services upon your request and to contact you as you are interested in the Company’ s products or services, to offer products as per your request, to consider on entering into the sales contract, including the collection of fees or payment
2)
Legal obligation basis: For the necessity to constitute a legal claim, to use as an evidence in the defense of a legal claim, compliance with the court’ s order or order of the government agency with legal authority, including disclosure or report of your personal data to the government agency with legal authority
3)
Legitimate interest basis: By taking into consideration the proportionality and your expectation whereby the benefits derived must be well balanced with your basic rights concerning personal data protection in order to achieve the following objectives:
a)
For audit and identity authentication purposes relating to any transactions or legal act and contract
b)
For an audits by major shareholders or relevant agencies, investigation, examination, audit, request for advice to constitute legal claim or legal proof procedures in which your personal data may be disclosed to the lawyer, legal and tax consultant, auditor, including other consultants to achieve such objective
c)
For risk management, monitoring and internal control and organization management, assessment of relevant criteria, including disclosure of personal data to major shareholders for internal audit and prevention of any misconducts or illegal acts
d)
For the analysis of your personal data for the improvement of the Company’ s products or services, including business assessment, improvement, planning and forecast
e)
For the security of the building areas or facilities from CCTV recording
4)
Consent basis: The Company shall perform activities to achieve the following objectives upon receiving your consent:
a)
To analyze purchasing or usage behavior of the Company’ s products or services and to offer benefits or promotional campaigns, promotions or any other discounts to attract the customer’s attention on the Company’s products and services
b)
To inform news and marketing activities, including new products and services which may be of your interest
c)
Upon receiving your legal consent to collect, use or disclose sensitive personal data such as health data, religious data and other sensitive personal data appeared on the ID card or passport in order to authenticate your identity as well as to facilitate and ensure your safety while participating in the Company’s activities
2.4 Disclosure of Your Personal Data
The Company shall not disclose your personal data to any external parties unless otherwise informed or upon being granted your consent or when it is deemed necessary to disclose or to report your personal data to the regulatory bodies, government agencies or any other agencies as stipulated by law relating to the Company’s business operation.
Besides, the Company may be required to disclose your personal data to relevant external parties for the objectives mentioned above in order to proceed with an audit, request for legal advice, inspection, assessment, legal proceedings or any other proceedings necessary for the Company’ s business operation.