Personal Data Protection Notice
The Group of Companies of Grande Asset Hotels and Property Public Company Limited is fully aware of the importance of personal data protection and therefore provides this Personal Data Protection Notice to explain how the Group of Companies has practiced with collection, use and disclosure of personal data as well as rights of all data subjects.
1. Definitions
“Company” “Group of Companies” shall mean Grande Asset Hotels and Property Public Company Limited and all subsidiaries/affiliates/joint ventures acting as seller/service provider or operator of Website.
“Subsidiaries/Affiliates/Joint Ventures” shall mean any companies in which Grande Asset Hotels and Property Public Company Limited holds shares or takes part in management either directly or indirectly, no matter amounts of the shares held and also include juristic entities of condominium and/or village.
“Personal Data” shall mean data of persons which shall be identifiable either directly or indirectly to such persons according to the law on personal data protection.
“Website” shall also include Application, Facebook or other Platforms of each of company in the Group of Companies, as the case may be.
2. Objectives in Collection, Use and Disclosure, and Operation
2.1 Collection, use and disclosure of personal data, directly or indirectly, shall be performed with objectives, scopes and procedures in accordance with the law on personal data protection, shall be limited insofar as deemed necessary in sale or providing services (for purpose of clarity, sale or services shall include offer to sell shares, debentures, financial instruments, digital assets pursuant to relevant governing laws (but shall not affect appropriation/distribution thereof); the Group of Companies shall request consent from data subjects by electronic means or other means as arranged by the Group of Companies.
2.2 The Group of Companies shall not collect personal data in relation to race, ethnicity, political opinions, beliefs, religions, philosophy, sex orientation, criminal record, health data, disability, biodata or any other data that may affect data subjects in similar manners except explicit consent has been obtained.
2.3 Collection, use and disclosure of data subjects under legal incompetence or under legal age, as the case may be, shall be in accordance with the law on personal data protection and other relevant laws.
2.4 The Group of Companies may collect, use and disclose personal data with objectives to provide data and information with respect to products and services of the Group of Companies (for purpose of clarity, sale or services shall include offer to sell shares, debentures, financial instruments, digital assets pursuant to relevant governing laws but shall not affect appropriation/distribution thereof); as well as other related information such as payment channels, providing services by digital means, market analyses, promotional marketing campaigns and for creating/establishing data bases for use in offering or promoting privileges in accordance with your interests which are not unlawful.
2.5 The Group of Companies may use your personal data in accordance with the objectives specified herein and maintain such data as necessarily required by related laws so long as you are customers or have relationship with the Group of Companies, or so long as the objectives herein are accomplished but not exceeding 10 (Ten) years. The Group of Companies shall ensure all personnel strictly not collect, use or disclose such personal data otherwise than the objectives as specified herein and in accordance with the law on personal data protection.
2.6 The Group of Companies has imposed security measures to maintain confidentiality of personal data for prevention of loss, access, destruction, use, change or disclosure thereof without legal rights or proper permission.
2.7 The Group of Companies has arranged and adopted appropriate storage technological system and restricted access to your personal data pursuant to our criteria and procedures. However, the Group of Companies cannot guarantee in all events that there shall be no defects or errors as might arise from operation of the Notice; therefore, the Group of Companies shall not assume any liability and responsibility for loss and damage so occurred. The Group of Companies may retain outsourced contractor(s) to operate storage and processing of personal data but the Group of Companies shall ensure those outsourced contractor(s) maintain security measures and proceed with no collection, use and disclosure of personal data other than the strict criteria and procedures imposed by the Group of Companies.
3. Rights of Data Subjects
3.1 Inspection of or access to your personal data in accordance with the law of personal data protection;
3.2 Request for change or amendment of your personal data in case of incompleteness or inaccuracy or update thereof;
3.3 Cancellation, erasure or destruction of your personal data except for those the Group of Companies is required by law to comply in accordance with the law on personal data protection;
3.4 Revocation of consent given previously for purposes of processing of personal data provided such revocation thereof shall not impact collection, use or disclosure of which proper consent have been obtained.
Any data subjects may exercise such rights by submitting a request in writing to the Group of Companies, or by electronic means as per forms prescribed by the Group of Companies via “Contact with the Company” channel hereinbelow. The Group of Companies shall upon receipt consider and give a response within 30 (Thirty) days provided the Group of Company may refuse such rights as prescribed by law.
However, such revocation may impact your use of products and/or services such that you may not receive privileges, promotion, any new offers, or better products and/or services that suit your needs or even being unable to receive updated data or information that may be of your interests. As a result, you are advised to study and inquire into the impact of such revocation.
4. Link with Websites of Third Parties
4.1 Websites of the Group of Companies may be linked with those of third parties (“Third Parties”) that are not under control of the Group of Companies. You are advised to review policy and/or notice as regards personal data protection (or other names of similar nature). Such linkages have been proceeded for your convenience in searching for additional data or information from websites of such Third Parties. As a result, the Company shall not assume any liability or responsibility as regards such personal data protection or contents of those websites, either in whole or in part and shall include Log, meaning sources, trajectory, date, time, volume or other relevant matters. In addition, policy and/or notice as regards personal data protection (or other names of similar nature) shall be in accordance with those as prescribed by such Third Parties whereupon the Group of Companies shall have no connection of whatever nature.
4.2 Cookies: The Group of Companies has applied Cookies approach in order to adjust contents and advertisements following your access to and analysis of the Group of Companies Website. You may wish to adjust settings to prevent Cookies; however, such may affect your applicability of or access to significant characters of the Group of Companies Website.
5. Review, Change or Amendment of the Notice
The Group of Companies may review, change or amend this Notice at any time, and upon such review, change or amendment, shall post new versions in the Website accordingly. When you access or browse the Website after review, change or amendment, you shall be deemed to have agreed with and accepted the terms and conditions of the Notice.
6. Contact with the Company
Internal Audit Department
Grande Asset Hotels and Property Public Company Limited
Exchange Tower ,Unit 3203-4, 32 Fl.
388 Sukhumvit Road, Klongtoey, Klongtoey, Bangkok. 10110
