In this regard, you must read and understand this Policy thoroughly as follows:
1. Personal Data Collection
In providing our services, the Company collects, stores and uses the following Information relating to you:
Data that the Company received from you when you are a Vendor, Service Provider, Customers, Clients, Partner, Shareholders, Directors, Employees or Website Users such as name-surname, gender, date of birth, age, nationality, education background, marital status, phone number, email, postal address, id card photo, identification number, passport information, house particulars, signature etc.
Data regarding your transactions with the Company such as vendor application form, bidding information etc. This depends on the type of your transaction;
Data about job applications either website or telephone such as name-surname, gender, date of birth, age, nationality, education background, phone number, email, postal address, occupation, id card photo, identification number, passport information, house particulars, signature, visual images, criminal records etc.
Data that you provide to the Company when you request for additional information regarding the Company’s products or services or request that the Company contact you back;
Data from records of correspondence and other communications between you and the Company, in whatever manner and form, including but not limited to phone, email, live chat, instant messages and social media communications
Data from your visits to www.beryl8.com , use of websites, and use of social media such as browser type and version, type of terminal device that you use to access the services (PC, laptop, or smartphone), operating system and platform, IP address of your terminal equipment or device, location, information about the services and products that you view or search;
Data about your social media profile when you use your social media credentials such as Facebook, Twitter, and LINE to login to or interact with the Company services such as your social media account ID, interests, likes, and friend list. You can control this privacy option made available to you by the social media service provider in your social media account setting;
Other personal data which consent is required by laws, the Company will notify you and ask for your consent before collecting data or according to legal period.
2. How to Collect or Acquire Personal Data
The Company collects and gathers your Personal Data in the following ways:
- Data that you provide to the Company, for instance, the communication between you and the Company, be it in writing or verbal, data that you provide when you register into vendor application form with the Company to use our service including entering agreement and supporting documents, or information requests or other requests relating to products or services from the Company as well as data that the Company receives; and/or
- Data that is collected automatically via cookies or similar technologies when you use the Company products or services such as mobile application activity and mobile device type; and/or
- Your Personal Data that the Company obtains from public and non-public records; and/or
- Data that is collected as a message, photo, and sound when you contact with our personnel, customer service officers, sell officers, contractors, partners, service providers, attorneys, representatives, other persons or other agencies related to the Company (hereinafter referred to as “personnel and partners of the Company”) through website, application, online social media, phone, email, contact in person, interview, SMS, FAX, postal, VDO Call service or other ways;
To not provide some type of Personal Data, grant consent, and/or to revoke consent for collection, use and/or disclosure of data may cause the Company’s inability to process your request, or provide service to you, or have limited actions.
When you provide any Personal Data related to third parties to the Company, you hereby certify and guarantee an accuracy of such Personal Data. You also certify and guarantee that you have completely informed those parties of the detail of this Policy.
As long as the laws permit, you further agree to manage and ensure that the Company is fully compensated for damages, loss, penalty and expenses, including, but not limited to, legal costs and litigation costs in any aspects including fines, penalty charges, interest, additional charges or other amounts charged, fined or collected by regulators or regulatory agencies, arising from or relating to action or inaction of you (or officers, employees, advisors, agents or your representatives), your mistakes or negligence in performing those duties or resulting in us being accused of or punished for violating applicable laws.
3. Objectives of Collection and Use of Personal Data
The Company uses the Personal Data you provide when you visit or use our services to fulfill the purpose for which you provided the data. The purposes for which your Personal Data may be used are as follow:
- Providing our products or services to you;
- Contacting with you, delivering contract and supporting documents for products and services operation;
- Administering our services for internal operations, including problem diagnosis, troubleshooting, internal audit or account audit;
- Providing and improving our products and services, including administering, maintaining, managing, and operating such products and services;
- Checking data of job applicants and contacting with the applicant;
- Managing, collecting, recording, storing or destroying Personal Data;
- Checking the Company’s structure that do not cause conflict of interest between the Company and persons who may have conflicts
- Disclosing of information on related transactions, including other information in the registration statement that will be submitted to the Securities and Exchange Commission (Office of the SEC)
- Complying with the provisions of the Company’s internal policies;
- Complying with the provisions of laws, rules, regulations, agreements or applicable policies made by law enforcement agencies, government agencies, dispute settlement bodies, insurance business regulators or other regulatory agencies;
Taking any action that the Company believes to be necessary or appropriate: (a) to investigate, prevent and detect illegal activities or suspected illegal activities; (b) under applicable laws; (c) to comply with legal process and hearing; (d) to respond to requests from government authorities and the state including government authorities and states outside your country of residence; (e) to enforce the Company’s terms of service and Personal Data announcement (f) to protect our operations; (g) to protect rights, privacy, safety or property of the Company, you or others; and (h) to allow the Company to pursue available remedies or limit the damages that we may sustain;
Other purposes that are not mentioned above but will be specifically stated at the time the Company request your data, or when data is collected and used according to the legal exclusions.
The Company shall use your Personal Data according to the objectives in item 3 only when:
- Your consent was granted to the Company by law;
- It is necessary to comply with contracts which you are a counterparty, or proceed your requests before entering into such contracts;
- It is necessary for legitimate interests of the Company, individuals or other juristic persons, unless such interests have lower value than basic rights of your personal data;
- It is necessary for complying with the law;
- It is necessary for establishment of legal claims, compliance with the law or exercising legal claims, or contestation of legal claims.
You may choose not to allow the Company to collect certain information requested by the Company. However, choosing not to provide certain information may hinder the ability to conduct transactions, services between the Company and you, and the response to your requests. For example, the Company may not be able to proceed to enter into insurance contracts with you or the Company may not be able to provide you with the services relating to the Company’s products or other services, including claim services.
4.Protection of Personal Data
At the Company, protection of your privacy is our top priority. The Company establishes data security policies and procedures as well as restricts access to your Personal Data to those individuals, such as certain employees and agents, who need it to perform their jobs in providing you with our products and services. We require those individuals whom we permit access to your Personal Data to protect it and keep it confidential. The Company maintains physical, electronic, and procedural safeguards that comply with applicable regulatory standards to guard your Personal Data.
The Company has implemented various security measures and has made our best effort to ensure the safety of your Personal Data stored in our system. Your Personal Data will be stored on secure networks and can only be accessed by a limited number of persons with special rights to such information.
In addition to the above security measures and methods, the Company has used advanced technologies to protect your personal data.
- Secured Socket Layer (SSL) and Transport Layer Security (TLS): To prevent any information from being detected while transmitted via the internet, we use Secure Socket Layer (SSL) encryption technology and Transport Layer Security (TLS) protocol on our websites where we collect your personal data to be encrypted (such as your payment information and login credentials) which is supported by most popular browsers, including Google Chrome, Firefox, Safari, and Internet Explorer;
- Firewall: To allow only authorized personnel to access the Company’s data as permitted, the Company have put in place layers of firewalls (a network security system) between our computer systems and Internet;
- Virus and malware scan: Virus and malware scanning software are installed and periodically updated on all computers and servers.
5. Retention Period of Personal Data
Your information will be kept by the company as long as it is necessary, taking into consideration our needs and purposes for which the Company collect and process it, including compliance with legal requirements under applicable laws;
Even though you end your relationship with us, the Company shall continue collecting, using and disclosing your Personal Data as necessary according to the laws for legal interests;
For contract and/or supporting documents, the Company shall continue keeping your Personal Data as necessary to achieve the above-mentioned purpose for not over 10 years since our relationship has ended or your last contact with the Company. Based on the applicable laws and regulations, we shall continue keeping your personal data longer than specified;
To comply with period and prescription according to applicable laws, your Personal Data shall be kept in appropriate format of data type. However, the Company may need to keep your personal data longer than the legal prescription under certain circumstances such as the submission of maturity benefit to the life insurance fund or the case is under legal prosecution, etc.;
The Company will take the appropriate procedure for deleting, destroying or anonymizing your personal data according to the personal data retention period mentioned above.
6. Sharing of your Personal Information
Other than as permitted under this Policy or as otherwise consented to by you, the Company shall not transfer your Personal Data to any other third parties for their processing for any purpose. The Company may share your Personal Data within our group of companies and with joint venture partners and third parties service providers, contractors and agents. In addition, the Company may allow such third parties to collect your Personal Data across our services. In each case, the Company permits such processing and/or collection for the purposes of: (i) providing our services to you; (ii) carrying out our obligations and enforcing our rights under the Terms of Service or this Policy; and/or (iii) administering our services for internal operations, including problem diagnosing, troubleshooting.
7. International Transfer
Your Personal Data may be transferred, stored, or processed to partners or service providers that are located or serviced abroad. In this case, the Company shall set standards for entering into agreements and / or contractual agreements with partners or service providers to obtain the Personal Data. In the standard of protection of Personal Data accepted and / or in accordance with the relevant laws in order to ensure that taken to keep your Personal Data secure.
8. Use of Sensitive Personal Data
For some MTL’s products or services as well as for the purpose of personal data collection, the Company needs to collect, use or disclose sensitive personal data such as race, ethnicity, disability, political opinions, religion or philosophy, doctrine, sexual behavior, heredity, and information of labor union. For such cases, the Company shall request your consent to collect, use or disclose the sensitive data. The Company shall explicitly inform you in order to proceed according to the purpose unless legal consent is not required for collection, use or disclosure of sensitive data.
9. Legal Rights of Personal Data Protection
You may have rights under Thai and other laws to have access to your Personal Data and to ask the Company to rectify, erase and restrict use of your Personal Data. You may also have rights to object to your Personal Data being used, to ask for the transfer of Personal Data you have made available to us and to withdraw consent to the use of your Personal Data. Further information on how to exercise your rights is set out below.
The Company shall honor your rights under applicable Data Protection Laws. You have the following rights under Thai law and may have similar rights under the laws of other countries.
- Right to access and request a copy of Personal Data which is under responsibility of the Company where appropriate identity verification shall be set;
- Right to request the Company to revise or correct your Personal Data to be updated, complete and unambiguous;
- Right to request temporary limitation/suppression of use and/or process of Personal Data;
- Right to object collection, use or disclosure of your Personal Data as well as right to object Personal Data processing;
- Right to request to delete, destroy or anonymize your Personal Data;
- Right to revoke consent or request to change the scope of consent granted to the Company to collect, use or disclose your Personal Data; however, the revocation shall not affect the past collection, use or disclosure of your Personal Data that the consent was granted;
- Right to be informed about existence, type of personal data, and the Company’s purposes of use of the Personal Data;
- Right to request the Company to deliver or transfer Personal Data to you or other individuals or organizations as you specified;
- Right to request to disclose acquisition of your Personal Data in case you do not grant consent to collect or gather such data.
The Company shall complete your request within 30 (thirty) days after you make request to the Company. If you wish to exercise the rights, please contact us via email at email@example.com
Based on the applicable laws and regulations, the Company may have the right to charge reasonable expenses for processing the rights above.
However, the Company reserves the right to not fulfill your request under the provisions of the law. If the Company cannot fulfill your requests, the Company will record the rejection together with reasons.
Remark – If you request the Company to delete, destroy or anonymize your Personal Data, or revoke you consent, it may impact 1) compliance contracts such as with Master Service Agreement, Master Subscription Agreement or employment contract, 2) performance of services since we will be unable to identify your identity and there might be limitations to some services where your Personal Data is needed.
A cookie is a small text file that is placed on a computer or other device and is used to identify the user or device and to collect information. The code in the cookie file enables the site to label you as a particular user, it does not identify you by name, address, or other information unless you have provided the website with such information or set up preferences in your browser to do so automatically. When you visit the Company’s websites, your data will be collected via cookies or similar technologies automatically.
How the Company uses the cookies
Why the Company uses the cookies
The company may from time to time gather certain Information automatically via such cookies and store it as Log Data. We use our own cookies to personalize your experience on our services and for various other purposes, including:
- To recognize you on the Company’s websites and remember your configuration as well as language and location. A mix of first-party and third-party cookies are used;
- To collect data about the website page you visit, the content you view, the link you clicked and web browser, device and IP address of you.
- To remember your preferences based on previous or current website activities, which enables us to provide you with improved and tailored services for your future visits
- For safety and prevention of unauthorized login to your account.
Category of cookies use
Preference Setting : The Company uses such cookies to record your layout, appearance and other custom preferences and settings, to ensure our services are personalized for you. These cookies allow our websites to remember information that changes the way the site behaves or looks.
Security : The company uses such cookies to ensure the security of your Information and our services, and to prevent fraudulent, criminal or other suspect activities.
Efficiency : The company uses such cookies to improve the speed, performance and efficiency of our services.
Analysis and Research : The company uses such cookies to follow up and improve our services, and to provide us with reference data for research and development of new services or functions.
You can set your browser to not accept cookies. Moreover, the website stated above explains how to opt out cookies from your browser. However, such setting may prevent some features on the Company’s websites.
13. Data Protection Officer
The Data Protection Officer is appointed to investigate operations related to collection, use or disclosure of personal data in accordance with the Personal Data Protection Act B.E. 2562 and the Company’s policies, regulations, announcements, rules, as well as coordinating and cooperating with the Office of the Personal Data Protection Commission.
You can contact the data protection officer via email at firstname.lastname@example.org
14. Contact the Company