PDPA Policy

Data Protection and Privacy Policy

Effective Date: 1 June 2021

  1. Introduction

The Thai-Italian Chamber of Commerce (hereinafter referred to as "the Chamber," "we," or "us") recognizes the importance of protecting personal data and is committed to complying with the Personal Data Protection Act B.E. 2562 (‘PDPA’) and relevant data protection regulations. This Data Protection and Privacy Policy outlines how we collect, use, store, and protect personal data in the course of our operations and services.

  1. Scope

This policy applies to all personal data collected, processed, and stored by the Chamber, whether electronically or in physical form, and covers all individuals, including members, employees, clients, suppliers, and any other individuals whose personal data we may process.

  1. Data Collection and Use

3.1 Types of Personal Data

We may collect and process the following types of personal data:

  • Contact information (e.g., name, address, email address, phone number)
  • Professional information (e.g., job title, company name)
  • Financial information (e.g., bank account details)
  • Communication preferences
  • Any other personal data required to fulfill our contractual or legal obligations or provide requested services
  • Technical data such as IP address, Cookie ID, Activity Log, etc.
  • Other such as photos, videos, and other information that is considered personal data under the Personal Data Protection Laws.

3.2 Purpose of Data Processing

We collect and process personal data for the following purposes:

  • To communicate with individuals regarding our services, events, and initiatives
  • To administer memberships and provide member benefits
  • To facilitate networking opportunities and business connections
  • To organize and promote events, workshops, and conferences
  • To maintain accurate records for internal administration
  • To comply with legal obligations and regulations
  1. Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected and to comply with legal and regulatory requirements. When personal data is no longer required, we will take reasonable steps to securely delete or anonymize it.

  1. Data Security

We are committed to protecting personal data from unauthorized access, disclosure, alteration, or destruction. We implement appropriate technical and organizational measures to safeguard personal data, including but not limited to:

  • Regularly updating security software and systems
  • Restricting access to personal data on a need-to-know basis
  • Training employees on data protection and privacy obligations
  • Conducting regular data protection assessments and audits
  1. Data Disclosure

We do not disclose personal data to third parties without the individual's explicit consent unless required by law or in situations where we are legally permitted to do so. We may share personal data with trusted service providers who assist us in delivering our services, subject to appropriate confidentiality and data protection agreements.

  1. Data Subject Rights

Individuals have the following rights regarding their personal data:

  • The right to access and obtain a copy of their personal data held by us
  • The right to rectify any inaccuracies in their personal data
  • The right to request the erasure of their personal data, subject to legal obligations
  • The right to object to the processing of their personal data for direct marketing purposes
  • The right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal

Requests related to data subject rights should be submitted in writing to the contact details provided in Section 9.

  1. Data Transfers

If personal data is transferred to countries outside of Thailand, we will ensure appropriate safeguards are in place to protect the data in accordance with applicable data protection laws and regulations.

  1. Contact Information

For any inquiries, requests, or concerns regarding this Data Protection and Privacy Policy or the Chamber's data processing activities, please contact us at: [email protected]

  1. Updates to the Policy

We reserve the right to amend or update this Data Protection and Privacy Policy from time to time. The revised policy will be posted on our website, and we encourage individuals to review it periodically.