The Company will collect information which you have directly given to the Company or arise from service provided or communication with the Company both in document form and computing traffic information. The collected information will be obtained legally, fairly and appropriately by the Company and will be limited only for the necessary of the Company’s business operation in which the Company will inform you the purpose of collection of your personal data as well as the effect of not providing data. The Company will request your consent prior to your data collection unless such collection can be conducted as imposed by law. If the Company is in need to collect sensitive personal data from you, the Company will explicitly request your consent prior to data collection except such collection can be conducted as imposed by law. The Company will keep your data for a time period to be in line with the purpose of that data collection provided that the Company will notify you before purchasing goods, receiving service or entering into each contract. If there is any change in personal data collection purpose later on, the Company will notify you in which the Company will publish such on the Company’s website.

Whereas, all personnel of the Company have responsibility to comply with personal data protection law, privacy policy and security policy and guideline, each person shall have duty and responsibility as follows:

The Company will use your personal data for the purpose notified or under the contract or only related to communication or business transaction with you or after having received your consent or in case of the Company entitled to use your personal data without obtaining your prior consent if the personal data protection law permitting to do so. The Company will supervise its operator not to disclose, present or make your personal data appearing in any form other than the purpose notified or having received your consent or permitted by law.

Your personal data may be used for education, research or statistic in order to develop, improve service quality, marketing promotion, provide information and/or update products in accordance with the Company’s objectives and for your highest benefit and satisfaction.

The Company will not disclose any of your personal data without your prior consent or other than permitted by personal data protection law. However, for the benefit of your service, the Company may send, transfer and/or disclose your personal data to the companies which are in the Company Group, auditor or business alliance or any person who is a party to a contract of the Company, either in domestic or overseas, and only to be in line with your consent or for execution of contract or relating to your service or any matter permitted by law. In case the personal data receiver is in the country where the personal data protection standard is not adequate as prescribed by the Personal Data Protection Committee, the Company will provide suitable personal data protection standard which is in accordance with personal data protection law as the case may be.

The Company respects right of privacy arising from your personal data. Your information received by the Company under the principle mentioned above will be used or disclosed in accordance with the purpose notified to you or as imposed by law. In this regard, the Company will use or disclose your sensitive personal data in accordance with the purpose in which you explicitly consent or as imposed by law.

The Company concerns on the importance of your personal data security. The Company, therefore, stipulates security policy and security system with respect to personal data to have appropriate mechanism and technique in order to prevent the illegal or eligible access, change, amendment, deletion, destruction or use, disclose. In this regard, the Company will provide technical measures on IT system which is used to process personal data in order for the correct and accurate use of data processing equipment on personal data and maintain its security as well as will provide examination system to delete or destroy personal data when its storage period is expired or the deletion is required by law. The Company will manage its human resource by specifying training measures on how to learn and use the system relating to personal data and personal data processing together with principles with respect to personal data processing and personal data security in order to ensure that the Company’s personnel performs work with their understanding and awareness on the responsibility of using personal data of the data owner and promote and develop its personnel who supervises IT system to have skill and in time on new cyber attack. The Company will evaluate and examine, from time to time, the compliance of the Company’s privacy policy and other laws relating to personal data protection in order to assess the status and security of personal data whether it is appropriate or not in order to evaluate and reduce risk on the occurrence of any event which may affect the personal data security. The data transmission via internet is still limit in security. Even though the Company strictly provides security measures with regard to data, the Company is unable to guarantee the security of your disclosed data via online channel. Therefore, the Company reserves the right to deny the responsibility against damage or loss occurring, either directly or indirectly, from the unauthorized access of your given personal data.

However, for the safety of your personal data, you should comply with the provisions and conditions with respect to the service provided as specified by the Company in all servicing channels. For credit card payment data transmission via internet, the Company will connect its system with the bank through the highest security system with international standard. In this regard, your credit card information will be kept at the bank only.

You are entitled to access to your personal data by notifying your request via the Company’s contact center e.g. call center, branch or website. The Company will inform you the existence and details of your personal data. If you find that your personal data is incorrect or not up to date, you are able to change and amend your personal data as well as entitled to request the Company to remove your personal data, object in data processing, requesting for stop using or delete your personal data unless the Company may have the right to reject or limit data owner’s right as specified by the personal data protection law. The Company will try to respond your legal request within 30 days. However, in some cases, it may take longer than 30 days if such request is complicate or you submit too many requests. In such case, the Company will inform you and keep you updated your case.

In this regard, if you disagree for the Company to use your personal data or desire to delete your data from the system, the Company would like to inform you that you may not use some services of the Company or you may not receive some information or news or be inconvenient in receiving some service.

The Company may improve and amend this personal data policy in order to be consistent with the change of service, the Company’s business operation and your suggestion/opinion in which the Company will announce such change on the Company’s website or send you the announcement directly for your acknowledgment

However, you can see further details on personal data which will be taken for processing, the purpose of processing, the case that you have to provide your personal data to the Company and the possible effect if you do not provide such personal data, personal data storage period, type of person or organization that may receive such personal data, data relating to the Company as the personal data controller, your right as the personal data owner, the transfer of such personal data to overseas as well as the reason and method on personal data processing at www.homepro.co.th/privacy-notice or contact at data_privacy@homepro.co.th