Announcement of Somapa Information Technology Public Company Limited
No. DPO 001 / 2025
Subject: Personal Data Protection Policy for InfoSurf Application
……………………………………………………………………………………………………………………………………
Somapa Information Technology Public Company Limited ("the Company") recognizes the importance of personal data protection and have supervision and management of personal information to be in line with personal data protection laws and related laws Therefore, we would like to inform you of the following information to comply Personal Data Protection Act B.E. 2562 with the important points as follows:
1. Personal Data
1.1 Characteristics of Personal Data
In this document
Personal Data
means any data relating to
a natural person that can be directly or indirectly identified to that natural
person. This does not include the personal information of the deceased
person.
Sensitive Personal Data
means personal data relating to
race, ethnicity, political opinions, doctrine religion or philosophy sexual behavior, criminal record, health
information, disability union information, genetic data, biometric data (e.g. fingerprint scans, face scan, etc.) or
any other information that affects the owner of personal data in the same way as announced by the Personal Data
Protection Committee.
1.2 Personal Data Collected
The Company may collect your personal
data as follows:
General Personal Information
(a) Information
about your use of electronic systems, including email address, first name -
last name, browser type and mobile OS type.
2. Respect
for Privacy Rights
The company respects the
rights of the data subject's personal data and conscious
that the owner of the information would like to have security concerning their Personal
Data. Data received by the company will be used for the relevant purposes only,
where the company has strict measures to maintain security as
well as preventing the use of personal information unlawfully.
3. Collection
of Personal Data
To collect personal data directly
from the data subject and the use of personal data including the disclosure of
personal information, the company will ask for consent from the data owner
before or during the collection. If
the law requires consent and will process personal data as necessary in
accordance with the purposes set by the Company expressly stated.
4. Purpose
of collection, use and disclosure of Personal Data
The Company collects, uses
and discloses Personal Data for the following purposes:
(a) For communicate
with users and update the application
(b) For analyzing and tracking the use of
services on the application and the purpose of retrospective auditing in case
of usage problems.
Personal Data that the
company carry out the collection for the above purposes. If
you do not provide such necessary personal data, the Company may not be able to
provide services to you.
However, if there is a
change in the purpose of collecting personal data, the Company will notify you.
5. Period
of storage of Personal Data
The company will keep your personal
information throughout the period of providing the application service and may continue to keep for
a period necessary for compliance with the law or under the legal statute of limitations. The company
will delete your personal data from its database upon service termination or when it
is no longer legally necessary.
6. Security
The company has put in place
measures to maintain the security of personal data to prevent the loss, access,
destruction, use, transformation, alteration or prevention of unauthorized or
unlawful use of personal data.
7. Your
rights as a Data Subject
As a personal data subject,
you have the rights set forth in the Personal Data Protection Act B.E.2562
, including the following rights:
7.1 Right
to be informed
Collection of personal data.
The personal data controller must provide the details of the data collection as
well as the use or disseminate to the data owner before or during data
collection (except in the case where the data owner already knows such
details, such as using various services),
where the data owner has the right to know the purpose of data collection, use
or dissemination, things to store, storage period as well as the details of the
personal data controller such as contact address and how to contact including
the potential consequences of not providing information.
7.2 Right
to withdraw consent
You
have the right to revoke your consent to the processing of
personal data that you have given consent to the Company, unless the revocation
of consent is limited by law. The
revocation of consent will not affect the processing personal
data you have given consent legally.
7.3 Right
to request access to Personal Data
You have the right to
request access and obtain a copy of your
data which is under the Company's responsibility include
asking the Company to disclose the acquisition of such information that you
have not given consent to the Company.
7.4 Right
to request sending or transfer of Personal Data
You have the right to
request the Company to transfer your
personal data that you have provided to the company as required by law.
7.5 Right
to object to the collection, use or disclosure of Personal Data
You have the right to
object to the processing of data about you in case of collection, use or disclosure
of your personal data as required by law.
7.6 Right to
request deletion of Personal Data
You have the right to
request the Company to delete, destroy or anonymize
personal data as required by law.
7.7 Right to
request suspension of use of Personal Data
You have the right to
request the Company to suspend the use of your information as required by law.
7.8 Right to
request rectification of Personal Data
In case you see that
the information that the company is inaccurate or you have
changed your own personal information, you have the right to request the
Company to correct your personal information so that such personal information
is accurate, current, complete and not misleading.
7.9 Right to
complain
You have the right to
file a complaint with the competent official under the Personal Data Protection
Act B.E.2562 if the Company violates or fails to comply with the said Act.
In case the subject
of personal data is limited by choosing to
provide specific personal data may result in being unable to fully receive
services from the Company. Including the Company may not be able to provide any
service if the data subject does not agree to provide the information that the
company needs.
8. Disclosure
of Personal Data to other persons or entities
The company will not disclose
your personal data to the other entities except in accordance with the law.
9. Personal
Data Protection Officer
The Company has operated in
accordance with the Personal Data Protection Act B.E.2562 by appointing a Data Protection Officer
(DPO) to inspect the Company's actions regarding the collection, use and disclosure of personal data
in accordance with the Personal Data Protection Act B.E.2562, including laws related to the protection of personal data.
10. How
to contact
If you have any questions or
want to ask more details about the protection of your personal data.
Please contact the company through the following channels:
Somapa Information Technology
Public Company Limited
Contact address:
No. 12 Soi Phrayasuren 35,Bangchan, Khlongsamwa, Bangkok 10510
Phone number: 02-791-8888
11. Changes
to Personal Data Protection Policies and Practices
The company will review the
terms and conditions of the company's policies, in this
edition from time to time to be consistent with the practice and related laws.
If there is any change in the Company, it will be notified by dissemination
through appropriate announcements by the Company.
12. Consent Consent
Using the InfoSurf
Application services is considered as the user acknowledging the personal data
protection policy for the InfoSurf Application and consenting to the company
collecting, using, and disclosing personal data as per Clause 1.2, and acknowledging
the rights of personal data owners under the Personal Data Protection Act B.E.
2562 already
13. Children
Our Services are not directed to, or intended
for, children under 13. We do not knowingly collect Personal Data from children under 13. If you have reason
to believe that a child under 13 has provided Personal Data through the Services, please email us at [email protected].
We will investigate any notification and, if appropriate, delete the Personal Data from our systems.
Users under 18 must have permission from their parent or guardian to use our Services.
Announced on date July 15, 2025