Follow us:
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
This Privacy Policy describes SID policies and procedures on collecting, processing, transferring, and storing information for those using SID’s services and tells you about privacy rights and how the law of the Kingdom of Thailand protects your Personal Data.
Personal Data is used to provide and improve SID ’s application, services, and website.
By accessing our website, using any services provided by SID, signing up for any products and services provided by SID, submitting any information to us, or otherwise showing your agreement thereon, you will be deemed to have agreed and consented to the terms of this Privacy Policy. By using our Application, you automatically agree with this Policy and all terms and conditions of this Policy and agree to share your Personal Data with us for further collecting and processing purposes, as described in this Policy.
Interpretation
Words in which the initial letters are capitalized have meanings defined as follows. The following definitions shall have the same meaning regardless of whether they appear in singular or plural.
Definitions
“Application” means the application provided by SID and available for download via AppStore and Google Play Market. The Application shall be used for the purposes of collecting points from returning recyclables to Sparkomats and claiming rewards.
“Committee” means the Personal Data Protection Committee.
“Device” means any device where the Application can be downloaded.
“Data Controller” means a Person or a juristic person having the power and duties to make decisions regarding the collection, use, or disclosure of Personal Data;
“Data Processor” means a Person or a juristic person who operates in relation to the collection, use or disclosure of Personal Data pursuant to the orders given by or on behalf of a Data Controller, whereby such Person or juristic person is not the Data Controller.
“Data Protection Officer (DPO)” means a Person or organization appointed by the Data Controller or Data Processor to monitor and analyze data information in the circumstances specified in the PDPA.
“SID", "we", "our", and "us" mean the company that owns the Application. Sustainability Initiatives Development Co. Ltd. (the "Company” or “SID") is a company incorporated under the laws of Thailand, since 18 December 2023, with Business Registration Number 0105566234215, at registered address No. 246 Times Square Building, Unit 11-01, 11 Floor, Sukhumvit Road, Klongtoey Sub-district, Klongtoey District, Bangkok.
“PDPA” means Personal Data Protection Act of Thailand, which establishes rules and guidelines for the processing and protection of Personal Data in the Kingdom of Thailand.
“Personal Data” means any information relating to a Person, which enables the identification of such Person, whether directly or indirectly, but not including the information of deceased Persons in particular.
“Person” means a natural person.
“Processing” means any operation or set of operations that are performed on Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
“Usage Data” refers to data collected automatically, either generated or using the Application’s infrastructure itself (for example, the duration of a visit, website usage, and the number of users).
“User”, “you”, and “your” mean any individual or legal entity who is using the Application from SID.
Personal Data:
While using the Application, you may provide certain personally identifiable information that can be used to contact or identify you. Personal Data that we collect may include, but is not limited to:
SID has the right, at any time, at its sole discretion, to request that you confirm your personal information or any other information related to using the Application.
Rights of your Personal Data:
As a data subject, you as a natural person have several rights concerning your Personal Data. We are committed to respecting and facilitating these rights in accordance with applicable data protection laws. Below are your main privacy rights and how you can exercise them:
Right to Access: You have the right to request access to the Personal Data we hold about you. This allows you to understand how and why we are using your data and to verify that we are doing so lawfully.
Right to Receive: You have the right to receive the Personal Data concerning you from the Data Controller.
Right to Object: You have the right to object to the collection, use, or disclosure of your Personal Data at any time under certain circumstances, such as compliance with legal obligations or for the establishment, exercise, or defense of legal claims, including in the following circumstances:
Right to Erasure: You have the right to request that the Data Controller erases or destroys your Personal Data, or anonymizes your Personal Data to become anonymous data which cannot identify the data subject, where the following grounds apply:
You have the right to withdraw consent for the processing of your Personal Data at any time. This means that if the processing of your data is based on your consent, you can revoke that consent at any time, and the Data Controller will stop using your Personal Data for the purposes for which consent had been given.
Right to Restrict Processing: You have the right to request that we limit the processing of your Personal Data under certain circumstances, such as if you contest the accuracy of the data.
To exercise any of these rights, please contact us at info@sid.co.th. We will respond to your request within a reasonable timeframe and in accordance with applicable laws.
Usage Data is collected automatically from Application usage and content entered in forms.
Usage Data may include such information as the type of Device used, pages you visited, the time and date of your visit, time spent on those pages, unique Device identifiers, other diagnostic data, and diagnostic data of your account information.
When you use the Application, SID has the right to collect, process, and transfer the following data:
SID has the right to check and control use of the Application to maintain functionality and protect the Application from any infringements by third parties.
In order to improve our services to you, we sometimes use automated tracking devices such as cookies and other tracking technologies.
A cookie is a small amount of data that our web server sends to your web browser when you visit certain parts of our website.
Consent to cookies: By ticking the tick box for processing Personal Data, you agree to consent to the collection of cookies and tracking technologies.
Managing cookies: You have the right to accept or reject cookies and tracking technologies. Most web browsers automatically accept cookies, but you can change your browser settings to reject cookies if necessary.
We share personal information for the purposes set out in this Privacy Policy and with the following categories of recipients:
Social Media Services: We may work with certain third party social media providers to offer you their social networking services through our services. These social networking services may be able to collect information about you, including your activity using our services.
In the Event of Merger, Sale, or Change of Control: We may transfer this Privacy Policy and your personal information to a third party entity that acquires or is merged with us as part of a merger, acquisition, sale, or other change of control (such as the result of a bankruptcy proceeding).
Other Disclosures: We may disclose your personal information to third parties if we reasonably believe that disclosure of such information is helpful or reasonably necessary to comply with any applicable law or regulation, to comply with or respond to a legal process or law enforcement or governmental request, to enforce our terms and conditions or other rights (including investigations of potential violations of our rights), to detect, prevent, or address fraud or security issues, or to protect against harm to the rights of our users or the public.
SID may use Personal Data for the following purposes:
SID may share your Personal Data in the following situations:
SID will retain your personal data for as long as necessary to fulfill the purposes outlined in this Policy, including:
To Provide and Maintain the Application: Your data will be retained as long as you continue to use the Application and for a reasonable period thereafter to ensure proper functionality and support.
To Provide You with News and Special Offers: Your data may be retained until you opt out of receiving such information or for a period consistent with your engagement with our services.
To Manage Your Requests: Personal data related to your requests will be retained for the duration necessary to address and manage those requests.
For Business Transfers: In the event of a merger, acquisition, or similar business transfer, your Personal Data may be retained as part of the assets transferred, in accordance with applicable laws.
For Other Purposes: Data used for analysis, marketing, and improving the Application will be retained for as long as necessary to achieve these purposes, typically for a period not exceeding 5 years after the last interaction.
SID will retain and use your Personal Data to the extent necessary to comply with SID’s legal obligations (for example, if we are required to retain Personal Data to comply with applicable laws), to resolve disputes, and to enforce our legal agreements and policies.
SID will retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this Personal Data is used to strengthen security or improve functionality of the website and/or services, or SID is legally obligated to retain this data for more extended periods.
SID will retain your Personal Data with PostgreSQL database service, providing the safest and most stable data protection possible. Once the purposes for collecting your Personal Data are no longer relevant, SID will securely delete or anonymize your Personal Data in accordance with applicable laws and regulations.
Your information, including Personal Data, processed at SID’s operating offices and any other places where the parties involved in the processing are located, may be transferred to and maintained on computers outside your province, region, or the Kingdom of Thailand.
Your consent to this Privacy Policy, followed by submission of such information, represents your agreement to that transfer.
SID will take all steps reasonably necessary to ensure that your Personal Data is treated securely following this Privacy Policy, and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place, including the security of your Personal Data and other personal information.
Business Transactions: If SID is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. SID will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.
Law enforcement: Under certain circumstances, SID may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other legal requirements: SID may disclose your Personal Data in the good faith belief that such action is necessary to:
SID does not intentionally seek, collect, use, disclose, or store Personal Data from or about children without obtaining the consent of a parent or legal guardian. In the event that SID becomes aware of having collected Personal Data from any individual under the age of 18 (eighteen) without proper parental consent, SID will take the following steps:
a) Remove such Personal Data from our servers and/or any storage systems used by SID.
b) Where deletion is not possible, ensure that this Personal Data is no longer processed for any purpose or disclosed to any third parties.
c) Parents or legal guardians with inquiries regarding the processing of their child's Personal Data are encouraged to contact SID using the contact details provided at the end of this Privacy Policy.
The Personal Data of children enrolled in schools and other educational institutions will be collected, stored, and processed in strict compliance with the procedures and requirements set forth by the Personal Data Protection Act (PDPA) and the Ministry of Education of Thailand.
The Data Controller shall have the following duties:
As the Data Controller under the PDPA of Thailand, SID has the following duties and responsibilities:
The full list of the rights and responsibilities of the Data Controller and the Data Processor are defined in the personal data law of Thailand.
Data Controllers and Data Processors shall designate a Data Protection Officer (DPO) in the following circumstances:
SID takes all reasonable steps to protect information that is received from you from accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access. SID has put in place appropriate physical, technical, and administrative measures to safeguard and secure your information, and SID makes use of privacy-enhancing technologies such as encryption. If you have any questions about the security of your personal information, you can contact us by email at info@sid.co.th.
SID, in any case, is not responsible for losses and/or disclosures of your Personal Data or any damages related to losses and/or disclosure of the Privacy Data as a result of any unauthorized or technical problem.
We take the security of your Personal Data seriously and react promptly to any breaches. Our procedures for handling data breaches are as follows:
Response to Data Breaches: Upon identifying a breach of Personal Data, we will act promptly to contain and mitigate the impact of the breach. This includes taking reasonable measures to prevent further dissemination of the data.
Notification to Data Subjects and Regulatory Authorities: We are obliged to notify both the affected data subjects and the Office of the Personal Data Protection Committee without delay and, where feasible, within 72 hours after having become aware of it, unless such Personal Data breach is unlikely to result in a risk to the rights and freedoms of the Persons.
If the Personal Data breach is likely to result in a high risk to the rights and freedoms of the Persons, we shall also notify the data subjects without delay regarding the Personal Data breach and the remedial measures. The notification and the exemption to the notification shall be made in accordance with the rules and procedures set forth by the Committee.
Details of Notification: In the event of a data breach, we will provide:
For any concerns or to report a data breach, please contact us at info@sid.co.th. We are committed to safeguarding your Personal Data and ensuring prompt and transparent communication in the event of any data breach.
SID’s Application may contain links to other websites or applications not operated by us. If you click on a third-party link, you will be directed to that third-party’s website or application. SID strongly advises you to review the Privacy Policy of every site that you visit.
SID has no control over and assumes no responsibility for any third-party sites or services’ content, privacy policies, or practices.
SID reserves the right to update this Policy periodically. Updates will be indicated by the “Last Updated” date at the top of this Policy and become effective upon being posted on this page. While SID will ensure the Policy is updated on this page, you and any other third parties are encouraged to review the Policy periodically for changes.