This Privacy Notice is issued by WHA Corporation Public Company Limited (the “Company”, “we”, “us”, or “our”), a limited company registered in Thailand.
The Company is committed to protecting and respecting privacy of whom we interact. This Privacy Notice explains what Personal Data we collect, how we use and disclosure it as well as your rights.
This Notice is addressed to individuals outside the Company with whom we are in contact, such as individual clients, visitors to our offices, sites or websites, our suppliers, business partners, representative of our clients, of our partners or of suppliers/other organisations or other individuals (hereinafter “you”). Defined terms used in this Notice are described in Section 2.
This Notice may be updated from time to time to record changes in our Processing of Personal Data or changes in law. We encourage you to read this Notice, and to regularly check for updates.
|1.||Personal Data||Data that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier (e.g. a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity) which is processed by the Company or by a Data Processor on behalf of the Company.|
|2.||Sensitive Personal Data||Sensitive Personal Data is a category of Personal Data. It is any Personal Data relating to race, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behaviour, criminal records, health data or disability condition, trade union information, genetic data, biometric data and any data of the same nature as prescribed by the Personal Data Protection Commission established by the PDPA (“Commission”).|
|3.||Processing||Any activity with any operation or set of operations which is performed on Personal Data, whether or not by automated means, such as collection, recording, storage, alteration, consultation, use, retrieval, disclosure by transmission, share, making available, alignment or combination, restriction transmission, dissemination, erasure or destruction by any means.|
|4.||Data Subject||An identified or identifiable natural person to whom the Personal Data is related to.. Data Subject shall not include deceased person and ‘juristic person’ (established under the laws, such as a company, foundation, association or other organisations).|
|5.||Data Controller||A person or a juristic person having the power and duties to make decisions regarding the collection, use, or disclosure of the Personal Data.|
|6.||Data Processor||A person or a juristic person who process the Personal Data pursuant to the orders given by, or on behalf of, the Company acting as a Data Controller.|
|7.||Data Protection Officer||The Data Protection Officer (DPO) appointed by the Company.|
|8.||Personal Data Breach||Any unlawful or unauthorised Processing of the Personal Data|