Skip to main content

นโยบายความเป็นส่วนตัว

บริษัท อิมแพ็ค เอ็กซิบิชั่น แมเนจเม้นท์ จำกัด (“บริษัทฯ”)

1. หลักการและเหตุผล

โดยที่บริษัท อิมแพ็ค เอ็กซิบิชั่น แมเนจเม้นท์ จำกัด (“บริษัทฯ”) ได้ให้ควำมสำคัญกับกำรคุ้มครองข้อมูลส่วนบุคคลและตำมหน้ำที่ที่ต้องปฏิบัติตำม พระรำชบัญญัติคุ้มครองข้อมูลส่วนบุคคล พ.ศ. 2562 (“พ.ร.บ. คุ้มครองข้อมูลส่วนบุคคลฯ”) ซึ่งเป็นกฎหมำยที่กำหนดสิทธิและหน้ำที่ของบริษัทฯ ในกำรเก็บรวบรวม ใช้ หรือเปิดเผยข้อมูลส่วนบุคคลของบุคคลที่เกี่ยวข้องกับกิจกำรของบริษัทฯ นโยบำยกำรคุ้มครองข้อมูลส่วนบุคคลฉบับนี้ (“นโยบายฯ”) จึงได้ถูกจัดเตรียมขึ้นเพื่อกำหนดแนวทำงและวิธีกำรที่บริษัทฯ ในฐำนะผู้ควบคุมข้อมูลส่วนบุคคล จะบริหำรจัดกำรกับข้อมูลส่วนบุคคลของลูกค้ำ คู่ค้ำ ลูกจ้ำง และบุคคลภำยนอกอื่น ๆ

2. คำจำกัดความ

“เจ้าของข้อมูลส่วนบุคคล” หมายถึง บุคคลธรรมดาที่เป็นเจ้าของข้อมูลส่วนบุคคลตาม พ.ร.บ. คุ้มครองข้อมูลส่วนบุคคลฯ
“ข้อมูลส่วนบุคคล” หมายถึง ข้อมูลเกี่ยวกับบุคคลซึ่งทำให้สามารถระบุตัวบุคคลนั้นได้ไม่ว่าทางตรงหรือทางอ้อม แต่ไม่รวมถึงข้อมูลของผู้ถึงแก่กรรมโดยเฉพาะ
“การประมวลผลข้อมูล” ได้แก่ การเก็บรวบรวม ใช้ หรือเปิดเผยข้อมูลส่วนบุคคลตาม พ.ร.บ.คุ้มครองข้อมูลส่วนบุคคลฯ

3. การเก็บรวบรวมข้อมูลส่วนบุคคล

3.1 Personal Data to be collected by IMPACT
We collect various Personal Data by taking into consideration the purpose of using such data according to our normal business operations, which may include:

  • General data e.g., name and surname, telephone number, email address, residential address, identification number of individual person (e.g., ID card, passport, driver’s license and tax identification number), date of birth, nationality, citizenship, weight, height, and photo;
  • Data on career, education, employment history, employment performance evaluation, criminal record, medical history, and family history;
  • Historical data on any transaction(s) or contract(s) entered into with us;
  • Bank account number, salary, financial status, tax payment history, credit card number, and vehicle license plate number;
  • Data on the Data Subject’s use of computer and program, including IP address, type of browser, language, operating systems, applications, website usage history, and cookies; and
  • Recorded CCTV footage.

3.2 Personal Data Collection Channel
We may collect the Data Subject’s Personal Data, whether directly or indirectly, through the following channels:

  • Data that has been directly provided to us or our representative by the Data Subject or their representative;
  • Data that has been lawful obtained from IMPACT including such companies subsidiaries, affiliates or business partners.
  • Data obtained from any other reliable sources, such as government agencies and banks; and
  • Data obtained from general public in a lawful manner.

4. Personal Data Retention Period

We will collect and retain the Personal Data only for a period necessary for processing such Personal Data within the scopes and purposes related to our business operations. After such period has ended, we will destroy such Personal data pursuant to the standard methods, unless we have legal obligation to continuously retain such data or to protect our rights as specified by the law.

5. Purpose of Processing and Disclosure of the Personal Data

5.1 Purpose of Processing and Disclosure of the Personal Data
We will use and disclose the Personal Data for the purpose of carrying out the normal course of our business operations, which includes:

  • For entering into a contract or performing duties under a contract between us and the Data Subject;
  • For business operation necessary for our legitimate interest (Legitimate Interest) by taking into account the basic rights of the Data Subject;
  • To offer information about products and services as well as to improve, develop and to maintain the quality of products and services that the Data Subject is partnering with us;
  • For communications such as notification services and receiving a response when the data subject has contacted;
  • To offer new products and services. In the event that the Data Subject does not wish to be notified of the marketing or sales activities, the Data Subject can notify his/her intention to us through the channels specified by us;
  • For the purpose of recruitment and selection of human resources;
  • To identify persons who come into contact with us and for security purposes; and
  • To perform our various duties under relevant laws.

5.2 Disclosure of Personal Data
We may disclose Personal Data of the Data Subject under lawful basis. Such data of the Data Subject may be disclosed or transferred to government agencies or third party, which includes:

  • Companies subsidiaries and affiliates;
  • Third-party service provider, such as service providers who collect and analyze data or human resources service provider;
  • Government agencies relevant to our business operations;
  • Advisors, such as financial advisor or legal advisor; and
  • Other data controller that the Data Subject requests us to send or transfer Personal Data to.

We will carry out necessary procedure to ensure the protection and prevention of the Personal Data from any loss of data, the unauthorized access to, unlawful use, modification, or disclosure of information by the person mentioned above.

If we must disclose the Personal Data to the receiver in a foreign country, we will disclose the Personal Data only to the extent permitted by the Personal Data Protection Act and other related laws.

6. Data Protection

We have a standardized data security system that categorizes and determines the level of data secrecy, by determining how to manage data, the right to access data, maintaining physical and environmental security within the organization, and establishing operational procedures related to the processing of information and communication devices in order to ensure that the information processed by it are secured and protected from any breaches of Person Data.

7. Rights of Data Subject

The rights of the Data Subject are as follows:
(1) Rights to receive notification when we collect their Personal Data;
(2) Rights to access their own Personal Data, request for copies of their Personal Data, request us to disclose the source in which the Personal Data was obtained from;
(3) Rights to receive or request us to send or transfer Personal Data to another data controller if it can be done by automatic means;
(4) Rights to object the collection, use, or disclosure of their Personal Data;
(5) Rights to request us to erase or destroy or anonymize the Personal Data;
(6) Rights to request us to cease the use of their Personal Data; and
(7) Rights to request us to ensure that their Personal Data are accurate, up-to-date, complete, and not misleading.

8. Communication

We have appointed the Data Protection Officer, who is responsible for providing advice and coordinating with the Data Subject in accordance with the Personal Data Protection Act. Contacting details are, as follows:

  • Data Protection Officer: PDPA Committee
  • Contact: This email address is being protected from spambots. You need JavaScript enabled to view it. Telephone No. 02-833-5296

9. Policy Review and Update

We will regularly review and update this policy at least once a year or whenever any significant changes regarding legal issues, related personnel, and our business operations, in order for the policy to be in compliance with the laws and practices of the regulatory agencies.

This Policy is effective as from [15 May 2022]

Privacy Notice

  • Privacy Notice For Visitors of Exhibition and Convention Center Click
  • Privacy Notice For Business Partners Click
  • Privacy Notice For Security Purposes Click