General Data Protection Policy
In accordance with the Personal Data Protection Act B.E. 2562, which aims to safeguard individuals from privacy violations and to protect their personal data rights, the collection, use, or disclosure of personal data must be done with clear consent and purpose notification to the data subject. By agreeing, I consent to Iris Group Co., Ltd. (hereafter referred to as “Data Controller”) collecting, using, or disclosing my personal data as follows
Under the following conditions:
- Purpose of Collection, Use, or Disclosure of Personal Data:
- To enter into contracts, analyze market data, apply for credit approval, and advertise or offer business opportunities in line with the Data Controller’s objectives, with clear consent provided.
- For processing data, which includes operations like collection, recording, organizing, storing, modifying, using, retrieving, disclosing, printing, and reporting statistics.
- For the business operations of the Data Controller, supporting services, managing the Data Controller’s business activities, as well as for supervision, risk management, prevention, and resolution of fraud or illegal activities.
- Disclosure of Personal Data:
The Data Controller will disclose personal data based on the consent given by the data subject and in line with the aforementioned purposes. The data subject consents to the disclosure of their personal data to employees, staff, branches, shareholders, directors, contractors, agents, partners, affiliated companies, internal and external auditors, consultants, assignees, and/or successors of the Data Controller, both domestically and internationally. - Rights of the Data Subject:
- Request to withdraw, access, or receive a copy of the personal data consented for collection, use, or disclosure while the data is still with the Data Controller and request corrections to ensure accuracy.
- Request a copy of their personal data or ask for details about data collection that was done without their consent.
- Request deletion or destruction of personal data or to anonymize it, or to transfer the data directly to another Data Controller or to themselves for certain reasons.
- Object to the collection, use, or disclosure of personal data for specific reasons.
- Withdraw consent at any time by notifying the Data Controller. The withdrawal of consent will not affect the previous collection, use, or disclosure that was already consented to.