Personal Data Protection Policy
K Line Container Service (Thailand) Ltd. recognizes the importance of protecting personal data and maintaining the security measures in personal data
in compliance with the Personal Data Protection Act B.E.2562. Therefore, the Company has
issued and announced this Personal Data Protection Policy in order to allow the persons related to company to be acknowledged
and practiced as well as executives of all departments for supporting, enforcing, and monitoring the operations to be in accordance
with the Personal Data Protection Policy and Act strictly by determining the rules and measures to control and manage personal
data clearly and appropriately, as follows:
1. Scope of Application
This Personal Data Protection Policy applies to executives, employees, and third parties all those who working for the company including persons involved in the processing of personal data under such orders given by or on behalf of the Company.
2. Definition
2.1 The company means K Line Container Service (Thailand) Ltd. and its subsidiaries which are both existing at the time of this announcement or after this announcement comes into force, and includes one or more persons that the Company assigns for implementation according to the purpose of this announcement.
2.2 Personal Datameans any information relating to a person which enables the identification of such person, whether directly or indirectly, but not including the information of deceased persons in particular such as name, surname, nickname, address, phone number, ID number, passport, SSO number, tax ID number, bank account number, credit card number, educational background, financial status, medical history, employment history, criminal record, e-mail address, vehicle registration, IP Address, Cookie ID Log File etc. However, the following information is not a personal data, for example, non-personally identifiable information for business contact; company name, company address, company registration number, business phone number, business e-mail address, e-mail address of company group, pseudonumised and anonymised data that make it impossible to identify individuals by technical means.
2.3 Sensitive Personal Data means personal data that Personal Data Protection Act designated as sensitive information such as racial or ethnic origin , political opinions, cults, religious or philosophical beliefs, sexual behavior, criminal records, health data, disabilities, trade union information, genetic data, biometric data such as facial images, iris scan, voice identification, or fingerprints data for the purpose of verifying identity, or any other data which may affect the data subject in the same manner, as prescribed by the Personal Data Protection Committee.
2.4 Processing means any operation or set of operations which is performed on personal data such as collecting, gathering, recording, organising, structuring, storing, modifying, altering, retrieving, using, disclosing, forwarding, publishing, transferring, merging, deleting, and destroying.
2.5 Owner of Personal Data means a person whose personal data is subject to that person's identity either directly or indirectly.
2.6 Personal Data Controller means a natural person or juristic person who has power and duty to determine the collection, use, or disclosure of personal data.
2.7 Personal Data Processor means a natural or juristic person who operates in relation to the collection, use, or disclosure of personal data, or processes under the order given by or on behalf of personal data controller. However, a natural person or juristic person who operates above personal data is not a personal data controller.
3. Collection of Personal Data
The Company shall collect personal information within the purpose, scope, lawful and fair methods as necessary which is defined in the scope of the Company's objectives only. The Company will inform the Data Subject to gain acknowledgement and consent through electronic or other methods as specified by the Company. In case the Company needs to collect sensitive data, the Company shall request explicit consent from the Data Subject before such collecting, except for when this is allowed by the Personal Data Protection Act B.E. 2562 or other laws.
4. Perpose of Collection and Usage of Personal Data
The Company shall collect or use personal data for the purposes or activities such as the procurement process, contract execution, financial transactions, company activities, collaborations or improvement of the Company’s processes; database preparation, process analysis and development, and/or any other purposes which are in compliance with the legal obligations or regulations to which the Company are subject. Company shall retain and use the Personal Data as long as necessary only for the above-mentioned purposes, or as prescribed by laws.
The Company shall not conduct any processes which are different from the purposes of collecting of personal data except for when:
(1) the Data Subject has been informed of such a new purpose, and prior consent is obtained;
(2) it is necessary to be in compliance with the Personal Data Protection Act or other relevant laws.
5. Personal Data Disclosure
The Company shall not disclose personal data of the Data Subject without the consent of the Data Subject and shall disclose it solely for the above mentioned purposes. However, for the benefit of company operations and service provision to the Data Subject, the Company may disclose personal data to Company’s subsidiaries or other required persons, domestically and internationally, such as service providers dealing with personal data. The Company shall govern the above-mentioned persons to treat the personal data as confidential and not to use the data for purposes which are not covered in scope specified by the Company.
The Company may disclose personal data of the Data Subject as required by laws and regulations, such as disclosing it to a government agency, state enterprise, regulator. Also, the Company may disclose it by virtue of laws, such as requests for the purposes of litigation or prosecution, or requests made by the private sector or other persons involved in the legal proceedings.
6. Direction of Personal Data Protection
The Company shall establish measures including for the security of personal data in accordance with the laws, regulations, rules, and guidelines regarding the personal data protection for employees and other relevant persons. Company shall promote and encourage employees to learn and recognize the duties and accountabilities in the collection, storage, usage, and disclosure of personal data. All employees are required to follow this policy and guidelines regarding personal data protection in order for the Company to remain in compliance with the Personal Data Protection Policy and Act accurately and effectively.
7. Rights of Data subject
The Data Subject is entitled to request any actions as per the following:
7.1 Right to rectification
7.2 Right to erasure
7.3 Right to restriction of processing
7.4 Right to data transfer
7.5 Right to object
7.6 Right to withdrawal consent to the processing of personal data given; however, the withdrawal of consent shall in no way affect the collection, use or disclosure of the personal data previously provided with consent.
7.7 Right to access; to request access to and obtain a copy of the Personal Data, including to request the disclosure of the Personal Data obtained without his or her consent.
Data Subject may request these rights by sending a notice or submitting electronics form set by the Company or to the channel as specified by the Company. However, the Company may deny such a right in some cases in accordance with the rules set by the Company in order to comply with the relevant laws. In this regard, Company shall consider the right request received and inform the Data Subject not exceeding 30 days from the date of receiving such request.
8. Review and Changes of Policy
The Company may review or amend this policy from time to time to ensure that it remains in adherence to laws, any significant business changes, and any suggestions and opinions from other organizations. Company shall announce the amended policies thoroughly before implementing all the changes.
9. Contact Information
Data Protection Officer (DPO)
Address : 33 Moo 9 Km. 18 Bangna-Trad Road, Bangchalong, Bangplee, Samutprakarn 10540
Tel. +662 3127209-17 Fax. +662-3127200
Email : kcstpdpcenter@th.kline.com
Hotline : HotlineKCST@th.kline.com
Thai Version
1. Scope of Application
This Personal Data Protection Policy applies to executives, employees, and third parties all those who working for the company including persons involved in the processing of personal data under such orders given by or on behalf of the Company.
2. Definition
2.1 The company means K Line Container Service (Thailand) Ltd. and its subsidiaries which are both existing at the time of this announcement or after this announcement comes into force, and includes one or more persons that the Company assigns for implementation according to the purpose of this announcement.
2.2 Personal Datameans any information relating to a person which enables the identification of such person, whether directly or indirectly, but not including the information of deceased persons in particular such as name, surname, nickname, address, phone number, ID number, passport, SSO number, tax ID number, bank account number, credit card number, educational background, financial status, medical history, employment history, criminal record, e-mail address, vehicle registration, IP Address, Cookie ID Log File etc. However, the following information is not a personal data, for example, non-personally identifiable information for business contact; company name, company address, company registration number, business phone number, business e-mail address, e-mail address of company group, pseudonumised and anonymised data that make it impossible to identify individuals by technical means.
2.3 Sensitive Personal Data means personal data that Personal Data Protection Act designated as sensitive information such as racial or ethnic origin , political opinions, cults, religious or philosophical beliefs, sexual behavior, criminal records, health data, disabilities, trade union information, genetic data, biometric data such as facial images, iris scan, voice identification, or fingerprints data for the purpose of verifying identity, or any other data which may affect the data subject in the same manner, as prescribed by the Personal Data Protection Committee.
2.4 Processing means any operation or set of operations which is performed on personal data such as collecting, gathering, recording, organising, structuring, storing, modifying, altering, retrieving, using, disclosing, forwarding, publishing, transferring, merging, deleting, and destroying.
2.5 Owner of Personal Data means a person whose personal data is subject to that person's identity either directly or indirectly.
2.6 Personal Data Controller means a natural person or juristic person who has power and duty to determine the collection, use, or disclosure of personal data.
2.7 Personal Data Processor means a natural or juristic person who operates in relation to the collection, use, or disclosure of personal data, or processes under the order given by or on behalf of personal data controller. However, a natural person or juristic person who operates above personal data is not a personal data controller.
3. Collection of Personal Data
The Company shall collect personal information within the purpose, scope, lawful and fair methods as necessary which is defined in the scope of the Company's objectives only. The Company will inform the Data Subject to gain acknowledgement and consent through electronic or other methods as specified by the Company. In case the Company needs to collect sensitive data, the Company shall request explicit consent from the Data Subject before such collecting, except for when this is allowed by the Personal Data Protection Act B.E. 2562 or other laws.
4. Perpose of Collection and Usage of Personal Data
The Company shall collect or use personal data for the purposes or activities such as the procurement process, contract execution, financial transactions, company activities, collaborations or improvement of the Company’s processes; database preparation, process analysis and development, and/or any other purposes which are in compliance with the legal obligations or regulations to which the Company are subject. Company shall retain and use the Personal Data as long as necessary only for the above-mentioned purposes, or as prescribed by laws.
The Company shall not conduct any processes which are different from the purposes of collecting of personal data except for when:
(1) the Data Subject has been informed of such a new purpose, and prior consent is obtained;
(2) it is necessary to be in compliance with the Personal Data Protection Act or other relevant laws.
5. Personal Data Disclosure
The Company shall not disclose personal data of the Data Subject without the consent of the Data Subject and shall disclose it solely for the above mentioned purposes. However, for the benefit of company operations and service provision to the Data Subject, the Company may disclose personal data to Company’s subsidiaries or other required persons, domestically and internationally, such as service providers dealing with personal data. The Company shall govern the above-mentioned persons to treat the personal data as confidential and not to use the data for purposes which are not covered in scope specified by the Company.
The Company may disclose personal data of the Data Subject as required by laws and regulations, such as disclosing it to a government agency, state enterprise, regulator. Also, the Company may disclose it by virtue of laws, such as requests for the purposes of litigation or prosecution, or requests made by the private sector or other persons involved in the legal proceedings.
6. Direction of Personal Data Protection
The Company shall establish measures including for the security of personal data in accordance with the laws, regulations, rules, and guidelines regarding the personal data protection for employees and other relevant persons. Company shall promote and encourage employees to learn and recognize the duties and accountabilities in the collection, storage, usage, and disclosure of personal data. All employees are required to follow this policy and guidelines regarding personal data protection in order for the Company to remain in compliance with the Personal Data Protection Policy and Act accurately and effectively.
7. Rights of Data subject
The Data Subject is entitled to request any actions as per the following:
7.1 Right to rectification
7.2 Right to erasure
7.3 Right to restriction of processing
7.4 Right to data transfer
7.5 Right to object
7.6 Right to withdrawal consent to the processing of personal data given; however, the withdrawal of consent shall in no way affect the collection, use or disclosure of the personal data previously provided with consent.
7.7 Right to access; to request access to and obtain a copy of the Personal Data, including to request the disclosure of the Personal Data obtained without his or her consent.
Data Subject may request these rights by sending a notice or submitting electronics form set by the Company or to the channel as specified by the Company. However, the Company may deny such a right in some cases in accordance with the rules set by the Company in order to comply with the relevant laws. In this regard, Company shall consider the right request received and inform the Data Subject not exceeding 30 days from the date of receiving such request.
8. Review and Changes of Policy
The Company may review or amend this policy from time to time to ensure that it remains in adherence to laws, any significant business changes, and any suggestions and opinions from other organizations. Company shall announce the amended policies thoroughly before implementing all the changes.
9. Contact Information
Data Protection Officer (DPO)
Address : 33 Moo 9 Km. 18 Bangna-Trad Road, Bangchalong, Bangplee, Samutprakarn 10540
Tel. +662 3127209-17 Fax. +662-3127200
Email : kcstpdpcenter@th.kline.com
Hotline : HotlineKCST@th.kline.com