Privacy Notice
Kerry Siam Seaport Limited
Kerry Siam Seaport Limited (“Company”, “we” or “our”) realizes that the trust of our customers is our most valuable asset. we provide this privacy notice to inform our customers of our policy in relation to the collection, use and disclosure of personal data of individual (“you”) in accordance with the Personal Data Protection Act B.E. 2562 (“PDPA”), relevant laws and regulations.

This privacy notice explains:
• what kind of Personal Data do we collect? This includes what you tell us about yourself or the individuals connected to your business (collectively referred to as “you”, “your” or “yourself”) and what we learn by having you as the customer.
• how do we use your Personal Data?
• who do we disclose the Personal Data to?
• what are the choices we offer? This includes how to access and update your Personal Data.
• what are your privacy rights
This privacy notice applies to:
(1) Our customers
• Individual customers: An individual customer of the Company or a Company Subsidiary who is directly liable under his or her contract for service.
• Corporate customer: Directors, shareholders, ultimate beneficial owners, employees, guarantors, security providers, and legal representatives of our past and present corporate customers and other individuals authorised to act on their behalf. Our corporate customer shall ensure that the authorised persons and any of relevant individuals have acknowledged our privacy notice.
(2) Non-customers
• These include individuals who have no product or service holding with us, but we may need to collect, use or disclose your personal data (e.g. anyone who makes a payment to or receives a payment from our customers; anyone that visits our website or our applications, branches or offices; directors or legal representatives of a company that uses our services; debtors of our customers; professional advisors, including our directors, investors, shareholders and their legal representatives, and anyone involved in other transactions with us or our customers).

Please note that some of the links on our platform may lead to third party’s platforms, and if you access these platforms, your personal data will then be processed under the third party’s policies. Make sure that you have read those privacy notices when accessing such platforms.

1. What kind of Personal Data do we collect?

We collect many different kinds of the Personal Data, depending on various circumstances and nature of requested products, services and/or transactions performed.

We may collect the Personal Data about you from a variety of sources, including but not limited to:
• When you apply for our products and/or services;
• When you talk to us on the phone or in branch, including recorded calls, posts, e-mails, notes and other means;
• When you use our websites or mobile device applications. This includes cookies and other internet tracking software to collect the Personal Data;
• Insurance claims or other documents;
• Customer surveys; and
• When you take part in our competitions or promotions.

In some cases, we may engage third parties to collect the Personal Data about your online activities when you visit our online sources. We may also use the Personal Data collected across non-affiliated websites for the purpose of serving you advertisements related to your browsing behavior. While we engage in this practice, we will provide an appropriate notice and choice so that you can opt out such processing.

The categories of Personal Data about you that we process, subject to the applicable law, including but not limited to:
• personal details : name, surname, gender, date of birth, marital status, personal identification number, passport number, social security number, address, contact details (e.g., email address, telephone number, social media, etc.), nationality, image of passport, driving license, signatures, photographs, and CCTV images;
• financial details : The details of your bank account, billing address, credit card numbers, and cardholder’s name and details;
• family details : Names and contact details of family members and dependents;
• contact details : address, telephone number, email address and social media profile details; and/or
• electronic data : IP address, cookies, activity logs, online identifiers, unique device identifiers and geolocation data.

2. How we use of your Personal Data?

We may collect, use and disclose your Personal Data only if we have proper reasons and it is lawful to do so. This includes sharing it outside the Company.

We will rely on one or more of the following lawful grounds when processing your Personal Data: -
• When it is to fulfil the contract we have with you;
• When it is our legal duty;
• When it is in our legitimate interest; and/or
• When you consent to it.
The purposes for which we may process your Personal Data, subject to the applicable law, and the lawful basis on which we may perform such processing, are:-
Purposes of data processing Legal basis
1. To develop the services in various fields e.g. the service of electronic proof of delivery and products, assistance providing and processing your complaints more efficiently as well as to survey and research your requirements in order to organize or create promotional programs that respond to your requirements. • Your consent
2. To develop the service channels for providing you the high quality, fastest and most convenient services. • Legitimate interest
3. To enable you to access or transfer your Personal Data in your accounts via more than one computer and/or other electronic devices and allow us to be able to effectively monitor any accession to your accounts in order to prevent all of unauthorized usage, access by unauthorized users, fraudulent/abuse usage including to improve the services to be more appropriate and efficient. • Fulfilment of contractual obligation
• Legitimate interest
4. To propose an interesting news, promotional activities which would advocate you to get the highest quality services and benefits from us. • Legitimate interest
• Your consent
5. For the marketing and promotion objectives including your participation in any activities that we have organized to hand you the most benefits however depend on your satisfaction, thou can state your desire for setting the usage of your Personal Data for our marketing objectives through the channels specified by us. • Your consent
6. To measure the effectiveness of our marketing policy and - advertising through various online medias. • Your consent
7. To settle any disputes or conflicts which might be occurred between you and the Company about the services. • Fulfilment of contractual obligation
8. Only for lawful and necessary purposes to achieve the services’ objectives for you as the data subject including for comply with the laws and any regulations. • Fulfilment of contractual obligation
• Legal obligation
When we rely on the legitimate interests as the reason for processing the Personal Data, it has considered whether or not your rights are overridden by our interests and has concluded that they are not.

3. Who do we disclose the Personal Data to?

We may share your Personal Data with others where it is lawful to do so, including where we or they: -
• need to provide you with the requirement under a contract;
• have a public or legal duty to do so (e.g., assist with detecting and preventing fraud, tax evasion, financial crime, etc.);
• need to, in connection with a regulatory reporting, litigation, asserting or defending legal rights and interests;
• have legitimate business reasons to do so (e.g., manage risk, verify identity, enable another company to provide you with the services you have requested, access your suitability for the products/services, conduct internal report/data analysis/performance management, etc.); and/or
• ask for your permission to share it, and you agree.

We may share your Personal Data for these purposes with others, including: -

• other group companies and any sub-contractors, agents or service providers who work for us or provide the services to us, including their employees, representatives, sub-contractors, service providers, directors and officers;
• any trustees, beneficiaries, administrators or executors;
• people you make payments to and receive payments from;
• financial institutions and payment service providers ;
• any people or companies where required in connection with potential or actual corporate restructuring, merger, acquisition or takeover, including any transfer or potential transfer of any of our rights or duties under our agreement with you;
• law enforcement, government, courts, court procedure, dispute resolution bodies, our regulators, auditors and any party appointed or requested by our regulators to carry out investigations or audits of our activities;
• other parties involved in any disputes, including disputed transactions;
• fraud prevention agencies who’ll also use it to detect and prevent fraud and other financial crime and to verify your identity;
• anyone who provides instructions or operates any of your goods or services on your behalf (e.g., power of attorney, solicitors, intermediaries, etc.);
• anybody else that we have been instructed to share your Personal Data with by you;
• other parties who are our business partners.
Except as described in this Privacy Notice, we will not use the Personal Data for any purposes other than the purposes as described to you in this Privacy Notice. Should we intend to collect, use or transfer additional information which are not described in this Privacy Notice, we will notify you and obtain your consent prior to the collection, use and disclosure. You will also be given the opportunity to consent or to decline approval of such collection, use and/or transfer of your Personal Data.

We will continue to adhere to this Privacy Notice with respect to the information we have in our possession relating to prospective, existing and former clients and investors.

Cross-border Transfer of Personal Data

Your Personal Data may be transferred to and stored/processed in other countries.

Such countries may not have the same level of protection for the Personal Data. When we do this, we will ensure it has an appropriate level of protection and that the transfer is lawful. We may need to transfer the Personal Data in this way to carry out our contract with you, fulfill the legal obligations, protect the public interests and/or for our legitimate interests. In some countries, the law might compel us to share certain Personal Data (e.g., with tax authorities). Even in this case, we will only share the Personal Data with people who have rights to see it.

4. Retention of Personal Data

We retain your Personal Data for as long as it is necessary to carry out the purposes for which it was collected i.e., for service and legal reasons, or compliance with the applicable laws.
We may keep your Personal Data for up to 10 years after you stop being our customer in order to ensure that any contractual disputes that may arise can be processed within that time,

unless otherwise in the event of regulatory or technical reasons, we may keep your Personal Data for longer than 10 years. If we do not need to retain the Personal Data for longer than it is legally necessary, we will destroy, delete or anonymize it.

5. Accuracy of your Personal Data

We need your help to ensure that your Personal Data is current, complete and accurate. Please inform us of any changes to your Personal Data by: -
• updating your information at/via Company Website/Application
We will occasionally request an update from you to ensure that the Personal Data we use to fulfil the purposes of collection, use and/or disclosure are current, accurate and complete.

6. Accuracy of your Personal Data

• Right to Withdraw: This enables you to withdraw your consent to our processing of your Personal Data, which you can do at any time. We may continue to process your Personal Data if we have another legitimate reason to do so;
• Right to Access: This enables you to receive a copy of Personal Data we hold about you and to check that we are lawfully processing it;
• Right to Correct: This enables you to have any incomplete or inaccurate information we hold about you corrected;
• Right to Erasure: This enables you to ask us to delete, destroy or anonymize your Personal Data where there is no good reason for us to continue processing it. You also have the right to ask us to delete your Personal Data where you have exercised your right to object to processing (see below);
• Right to Object: This enables you to object to the processing of your Personal Data where we are relying on the legitimate interest and there is something about your particular situation which makes you want to object to the processing on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes and profiling activities;
• Right to Restrict Processing: This enables you to ask us to suspend the processing of your Personal Data, for example, if you want us to establish its accuracy or a reason for processing it;
• Right to Portability: This enables you to request for the transfer of your Personal Data to another party; and

Handling of Complaints

In the event that you wish to make the complaint about how we process your Personal Data, please contact us and we will try to consider your request as soon as possible.

7. Limitation

a. Website links and other services In the event that the service channels were linked to an external website or third-party website, we would not be responsible for any damage or violation that occurs to your Personal Data by the external website or third-party website. And you acknowledge that we do not have any power to control or determine or monitor the operations, services, privacy policy and data protection as well as the application or evaluation of your Personal Data on that website.

8. Security of your Personal Data

Information is our asset and therefore we place a great importance on ensuring the security of your Personal Data. We regularly review and implement up-to-date physical, technical and organizational security measures when processing your Personal Data. We have internal policies and controls in place to ensure that your Personal Data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the performance of their duties. Our employees are trained to handle the Personal Data securely and with utmost respect, failing which they may be subject to a disciplinary action.

9. Your Responsibilities

You are responsible for making sure that the Personal Data you give us or provided on your behalf, is accurate and up to date, and you must tell us as soon as possible if there are any updates.You have some responsibilities under your contract to provide us with the Personal Data. You may also have to provide us with the Personal Data in order to exercise your statutory rights. Failing to provide the Personal Data may mean that you are unable to exercise your statutory rights.Certain Personal Data, such as contact details and payment details, must be provided to us inorder to enable us to enter into the contract with you. If you do not provide such Personal Data, this will hinder our ability to administer the rights and obligations arising as a result of contract efficiently.

10. Revision of our Privacy Notice

We keep our Privacy Notice under a regular review and thus the Privacy Notice may be subject to changes. The date of last revision of Privacy Notice can be found on the top of page.

11. Contact us

If you have any questions in regard to the protection of your Personal Data or if you wish to exercise your rights, please do the followings, at your choice: -

Contact us at Kerry Siam Seaport Limited;

Email us at []; or

Call us at [Contact Center 02-686-8999]