Privacy Policy


Blendata Company Limited

1. Preface

1.1 Objectives 

In order to ensure effective protection of personal data and to provide remedial measures for data subjects from personal data breach, Blendata Company Limited has established a personal data privacy policy as a guideline for personal data management appropriately as follows:

1.2 Scope of enforcement

This policy establishes the scope to apply to all personal data including sensitive personal data that are obtained, processed, stored, modified, disclosed, or deleted by the Company for conducting business in the form of electronic media, document storage systems, and other media, these will include the Company’s data as well as personal data owned by third parties that are liable to the Company under contracts conveying data protection provisions. This Data Privacy Policy applies to all employees of the Company, whether permanent employees, temporary employees, apprentice, contractors, consultants, or third-party users, who may be subject to disciplinary action against those who fail to comply with the policy, including an order to suspend the collection and processing of personal data.

1.3 Definitions

2. Methods of Obtaining Personal Data

The Company collects personal data through the following processes:

2.1 Services other than those set forth on our website, such as other goods or services that are operated by us or the Company, without expressly being subject to this policy. 

2.2 Personal data obtained from the Company. 

2.3 Personal data obtained from third parties such as agents, merchants or the Company that provide data collection services, business partners, partners, etc.

2.4 Personal data obtained by visiting the website, such as the name of the Internet service provider and IP Address through internet access, date and time of visit to the website, pages visited while visiting the website, and the address of the website which is directly linked to the website of the Company.

2.5 Application usage behavior where a log of your usage will be collected from the company’s applications.

2.6 Public Records and Non-Public Records that the Company is legally entitled to collect.

2.7 Personal data obtained from governmental or regulatory bodies exercising jurisdiction.

3. Purposes for the Collection, Use and Disclosure of Personal Data

The Company has the objectives for the collection, use, or disclosure of personal data as follows:

3.1 For improvement of the Company’s products and services, and other services or products in the future, as well as to supervise, maintain and operate in connection with the provision of such services.

3.2 For the performance of transactions related to the products or services of the Company.

3.3 For the management of the relationship between the Company and the data subject.

3.4 For confirmation and/or identification of the personal data subject in accessing the services through various channels or contacting the Company.

3.5 For communication, notification and/or receiving information from the Company or any changes that occur of the Company.

3.6 For the Company’s business operations such as data analysis, inspection, product development, service improvement, service usage analysis, etc.

3.7 For any necessary and appropriate action to: 

3.7.1 Investigate and prevent acts that may violate the law;
3.7.2 Respond to requests from governmental or government agencies, including governmental or foreign governments where the personal data subject resides; 

3.7.3 Enforce our terms of service and policies related to personal data of the Company; 

3.7.4 Protect the business operations of the Company; 

3.7.5 Protect the privacy, safety or property rights of the Company, its personnel and data subjects or others; and 

3.7.6 Remedy, prevent or limit damage that may occur.

3.8 For legal compliance, officer’s investigation or regulators or to comply with rules, regulations or obligations required by law or government.

Other purposes not specified above, the data subject will be notified when the Company has a request to collect personal data. In addition, acquisition of your personal data, the Company will collect, use or disclose your personal data under these purposes only subject to the following conditions:

4. The Collection of Personal Data / Format of Data

The Company will collect data obtained directly from the data subject or from the provision of the Company’s services or operations through all channels.

5. The Personal Data Retention Period

The Company will retain your personal data only for the necessary duration, considering the purpose of collecting and processing, including compliance with the requirements of applicable law in such matters. The Company will store personal data after a certain period of time and in accordance with the applicable legal period, by storing it in an appropriate storage location according to the type of personal data. However, the Company is obliged to keep personal data even after the statute of limitations has expired, for example, in the case of litigation or legal proceedings, etc.


The Company has established security measures that will be used to communicate to those concerned and have confidence in maintaining security as follows: 


The Company will keep your personal data according to the Administrative Safeguard, Technical Safeguard, and Physical Safeguard to maintain appropriate security in the processing of personal data, that means the confidentiality, integrity, and availability are maintained and to prevent personal data breaches. The Company has established policies, regulations and rules for personal data protection, such as security standards of information technology systems and measures to prevent recipients from using or disclosing information beyond the intended purpose or without their authority. In addition, the Company will periodically update such policies, rules and regulations as necessary and appropriate.


In addition, when processing your personal data is required, employees, personnel, agents and recipients of information from the Company are obliged to keep personal data confidential and secure in accordance with the measures established by the Company.

6. Disclosure and Transfer of Personal Data

The Company will disclose personal data to third parties and/or organizations or external entities only in the following cases:

Transferring and/or ending personal data abroad


In case of transfer and/or send data aboard, the Company will establish the standards for entering into agreements and/or contracts with business entities, organization to which the personal data will be obtained. It has established standards for personal data protection and aligns with relevant laws to ensure that personal data is securely protected, such as:
 

To link personal data with other individuals or entities, the company will display the name of the collector or person who has the right to data. In addition, the Company will provide a record of the data linkage as evidence.

7. Measures to maintain the security and confidentiality of personal data

To ensure that the data subject is confident in managing the risk of personal data that may be unauthorized access, leakage, alteration, loss. The Company therefore realizes the importance of information security as well as complying with internationally recognized standards for information security and business continuity management in accordance with the law.

The Company has measures to protect the privacy of data subjects by limiting access rights to those who need to use such personal data in order to offer products and services and for the service of the Company. Persons authorized to access personal data must strictly adhere to the Company’s personal data protection measures and maintain the confidentiality of such personal data. The Company has Administrative Safeguard, Technical Safeguard, Physical Safeguard in accordance with applicable regulatory standards to protect personal data. Any act other than or unauthorized, including the transmission of personal or sensitive information to an unauthorized person or any use that damages the Company, will also be considered a violation of this Policy.

8. Your Rights as a Data Subject

The data subject can exercise the rights in relation to your personal data according to the channels and methods of contact by the Company according to the rights you have as follows:

9. Communication

This policy applies to internal communications to all employees, worker, and apprentice in the form of notices/memorandum, and appropriately stored via the website on the intranet for external communication; general person, customer, business partner, alliance which published on the Company’s website.

10. Contact Channels

Any questions regarding this data privacy policy can be inquired through the channels specified below:

Blendata Company Limited.
110/1 Krung Thon Buri Road,
Banglampoolang, Klongsan, Bangkok 10600
Tel. 02-781-9101
Email: [email protected]

or Data Protection Officer (DPO)
Email: [email protected]

11. Monitoring, Review and Update Policy

This policy requires regular monitoring and performance indicators of operational processes in accordance with this policy and reviewed at least once a year, or if there are changes related to business operations, operational process, technological changes, or reports a personal data security breach that may be relevant to this policy.