Customer Privacy Policy

Siam Tohcello co., Ltd; the “Company”, “we”, “us”, or “our”, recognizes the importance of the protection of customer Personal Data including any other individuals who we receive Personal Data from involved persons; “you” or “your”, for specific purposes in relation to the business operation of the Company. Thus, the policy has been established to ensure that our customers' personal data would be protected and to provide the details corresponding to the collection, use, and disclosure (collectively called processing), including the deletion and destruction of your personal data both online platforms and other channels as required by the Personal Data Protection Law, as follow;

1. The purposes of processing Personal Data

1.1 To operate our business: relating to the procedure of performing a contract with our company by your request following the regulations as a counterparty to us, such as to offer products and services, to support and arrange other activities relating to such products or services, to facilitate, to provide souvenirs and privileges, to request necessary details, to use as evidence, to manage the accounting, and to proceed the financial transaction.

1.2 To protect our legitimate interests;

1.2.1 Encourage the management, development, and operations to smooth the business including fraud detection and prevention or the other crimes, managing customer and potential customer relationships, and maintenance and use of IT systems.

1.2.2 Ensure the privacy and personal data safety advantages, e.g. releasing the security methods covering the customers’ personal data.

1.2.3 Exercise a legal claim.

1.3 To prevent and eliminate a fetal danger towards life, body, and health both to themselves and the others, e.g. controlling and avoiding the contagion, and emergency contacts.

1.4 To enable the legal regulations, e.g. compliance with the provisions of laws, regulations, and legal authority orders.

1.5 To be able to perform the duties of public interest or to perform a state authority uses that have been granted

1.6 To operate the business and activities allowing to collect of the additional customers’ personal data by notifying and asking for a customer’s consent at that moment. ( the customers’ personal data would be processed in the case of receiving customers’ consent and allowing)

*Consent is available for more information in the article 4

2. Personal Data collection receiving consent through Cookies

● Information relating to the customer’s devices such as IP Address and Location Data, or other identified devices.

● Browser’s types and versions of the customers’ use including the type and version of the browser plug-In.

● The setting of the Time zone

2.1 When you contact us, or participate together with us for a business or related, the information will be collected individually;

● personal data, e.g. first name and last name

● contact information, e.g. first name, last name, E-mail address, mobile number, and address

3. Cookies

We use cookies to collect personal information following the Cookie Policy.

4. Consent requisition and possible consequences of withdrawing consent

4.1 According to your consent allowing a personal data collection and processing, you have the right to withdraw the consent contract at any time without having an effect on the previous acts of using your personal data.

4.2 The requirements of yours may not be accomplished in some, or the whole process with a prohibition of using your information, or a declination of giving the significant data, including withdrawing the consent contract.

4.3 For the under 20 years-old age, the parental consent details are required to provide before operating a consent contract with us. According to the circumstance of the under-age person, her/his or their parental consent is also required from our company

5. How long do we keep your Personal Data

5.1 Personal Data would be retained for as long as is reasonably necessary to fulfill the purposes for which we obtained them and to comply with the relevant legal and regulatory obligations. However, we may have to retain Personal Data for a longer duration, as required by the applicable laws. (e.g. general legitimate prescription is aged up to just 10 years)

5.2 An audit system has been applied to carry out the deletion and construction of Personal Data when the retention period is expired, unrelated, or unnecessary following the purposes of the individual data collection.

5.3 Through your consent of the Personal Data use, they will last to fulfill your requests in our "process" step until you apply to withdraw the consent and until the withdrawal request has been completed. However, a part of your Personal Data will be appropriately retained in order to record the footprint of your consent withdrawal for a precise service towards your future requests.

6. Your Personal Data disclosure and transfer

6.1 To whom we may disclose your Personal Data

1. To whom relating to our operations to fulfill your requests, and the company working collaborate with us by your purposes relying on the consent obtained by us to use your Personal Data.

2. Individuals or legal entities who are not our enterprises; Third parties, in the events to gain the Personal Data collection and processing following the Personal Data Policy. (e.g. the sales representative, common carrier, tour company and Affiliated company group both overseas and domestic, outsourced service providers working under our company, transportation company, Transaction and Financial Services Company, technology services, IT system services, inspector insurance company, legal agencies, consultants, government agencies, or any other third parties (in Thailand or else) in connection with a subpoena, court order, or other legal process and requirement under the regulations of Thailand, or the laws and regulations of other jurisdictions that apply to our affiliates, us, and any other financial institutions to eliminate the risks and investigate illegal acts that might be happened including a violation towards the policy)

6.2 If any of the above events occurs, the receiving party will comply appropriately with this Privacy Policy to respect your Personal Data.

7. Data security

7.1 The security of personal information is a priority, and the technical and administrative standard of security has been applied to avoid personal data loss, unauthorized disclosure and approach, misuse, modification, and demolition with technology and security procedures, and to ensure the access boundary of users being in the Personal Data protection laws line.

7.2 The security obligations and regulations have been applied appropriately to dodge lost-data situations, unauthorized disclosure and approach, misuse, and modification from an irrelevant person. Plus, the security obligations and regulations will require to be reviewed in case of the technological amendment necessarily announces an update

8. Right as the data subject

8.1 A data subject rights under the Personal Data Protection Law, summarized as follows:

1. For the purposes the data subjects have consented to our collection, use and/or disclosure of Personal Data, data subjects may have the right to withdraw consent at any time

2. Data subjects may have the right to access or request a copy of the Personal Data we are collecting, using, and/or disclosing.

3. Data subjects may have the right to obtain Personal Data we hold about that data subject, in a structured, electronic format, and to transmit such data to another data controller, where this is (a) Personal Data which you have provided to us, and (b) if we are collecting, using and/or disclosing that data on the basis of data subject’s consent or to perform a contract with the data subject

4. Data subjects may have the right to object to certain collection, use and/or disclosure of Personal Data

5. Data subjects may have the right to request that we delete, destroy or anonymize Personal Data that we collect, use, and/or disclose

6. For the purposes the data subjects have consented to our collection, use and/or disclosure of Personal Data, data subjects may have the right to withdraw consent at any time

7. Data subjects may have the right to restrict and amend our use of Personal Data where the data subject believes such Personal Data to be inaccurate

8. Data subjects may have the right to lodge a complaint to the competent authority where the data subject believes our collection, use, and/or disclosure of Personal Data is unlawful or non-compliance with applicable laws in relation to data protection.

Furthermore, your request for exercising a right will be considered and reported within 30 days from the date we receive such a request. The authority of Data Subject all above follows the Personal Data Protection laws.You can contact us through our e-mail : stcadmin@scg.com or Human Resources , General Affairs and IT Manager by contact to Tel : 033-010-525

8.2 The operation of your legitimate authority can be accessed here by ****** or *******.

9. Data controller and Data Protection contact details

9.1 Company Data controller details will be informed in the attachment of the Customer Privacy Policy

9.2 If you demand the answer about your Personal Data under this Privacy Policy, please contact: stcadmin@scg.com

If there are any updates about the Customer Privacy Policy, the updates will be published through this website (getting sometimes into the website for the self-investigated update is recommended.). Besides, the up-to-date one will immediately be effective on the date of the announcement.