Major Development Public Company Limited, Major Development Estate Company Limited and the Subsidiary Company realize the importance of protecting Personal Data of customers, partners, contractors, service recipients, and business partner, the Company shareholders and debenture holders, employees and the Individual related to the Company because protecting personal information is part of social responsibility and complying with the law, including, respecting the privacy rights of individuals, therefore, the Company has prepared this Privacy Policy to ensure that your Personal Data will be protected according to law, to notify you of details related to collection, use, and disclosure (“Personal Data Processing”) and to establish a measure to maintain the security of personal information in accordance with the Personal Data Protection Act of B.E. 2562, related laws, rules, and regulations as follows:
1. The definitions
Definitions |
Meanings |
The Company |
Major Development Public Company Limited, Major Development Estate Company Limited and the Subsidiary Company |
The Subsidiary Company |
A company or legal partnership that has relationship with any other entity that the Company controls, is controlled by, or that is under its overall direction which might have the same group of majorities of directors or shareholders. |
Customer |
Persons who are the targets of the Company's operations or services and includes participants in the Company's campaigns or marketing activities, persons interested in the Company's products or services through various channels and/or users of the Company's services through various online and electronic media, as the case may be, including attorneys-in-fact, person authorized to act on behalf of the customer according to law, as the case may be such as those exercising parental authority over minors, guardian of the incapacitated, protector of quasi-incompetent person, etc. |
Partners, contractors, service recipients and business partners |
Proponents/sellers of land, property, products, contractors and/or service providers or any person having business relationships with the Company, both juristic persons and natural persons, including subcontractors of product sellers, contractors and/or service providers. |
The Company’s personnel |
Director, advisor, executive, current employee, former employee, student intern |
Shareholder |
The Company’s shareholder. |
The Individual |
Only individual, not including juristic person. |
Data Subject |
The Individual who can be identified by the information. |
Personal Data |
Information about a person that can be used to identify them, either directly or indirectly, but excludes details on a specific deceased individual. |
Sensitive Personal Data |
Information about an individual's nationality, ethnicity, political views, creeds, religion, or philosophy, sexual orientation, behavior, criminal record, health, disability, trade union membership, genetic information, biological information, or any other personal information that could affect the owner of the Personal Data in a similar manner as specified by PDPC. |
Processing of Personal Data |
Collect, use or disclose Personal Data |
Data Controller |
The individual or juristic persons who have the authority to make decisions regarding the collection, use, or disclosure of Personal Data. |
Data Processor |
The individual or juristic person who carries out the collection, use, or disclosure of Personal Data in accordance with the order or on behalf of the Personal Data controller. However, the individual or juristic person who performs such action is not the Personal Data controller. |
Non-Personal Data |
Various information that does not identify an individual, such as company registration numbers and business contact information that does not identify an individual, such as phone numbers, working email, company email, office email, anonymous data, and information about the deceased. |
Transaction |
Any action related to civil and commercial activities. |
Electronic transactions |
Transactions carried out using all or part of electronic means |
2. The Company's Collection of Personal Data
The Company collects Personal Data of customers, partners, contractors, service recipients, business partner, the Company shareholders and debenture holders, employees and the Individual related to the Company as needed. The table below lists the categories of Personal Data that the Company retains.
Personal Data collection table:
Types of Personal Data |
Details |
Basic Personal Data |
Identity Data such as first name, last name, ID card number, passport number, copy of house registration, date of birth, gender, age, nationality, signature, photograph, professional license identification number, phone number, Email, etc. |
Sensitive Personal Data |
Such as Personal Data relating to nationality, ethnicity, political opinions, creeds, religion or philosophy, sexual behavior, criminal records, health data, disabilities, trade union data, genetic data, biometric data and any other data that affects the owner of Personal Data in the same manner as the PDPC announces only with your explicit consent or as permitted by law. |
Third party Data |
If you provide Personal Data of a third party to the Company, such as an executive, authorized persons, attorneys, directors, employee information, work personnel information, contractor information, contact information, information on spouses, family members, tenants, servants and information on other persons who are not have a direct relationship with the Company and has a relationship related to your relationship with the Company |
Transaction Data |
Such as details of transactions from or to you, contract details, contract/transaction documents, requests and claims, details of various agreements and other data related to transactions. Including, electronic transaction data via Website, Application Lifescape, Application ICM and, etc. |
Safety Data |
CCTV images, vehicle data, license plate data, date and time data for entering and exiting Company premises. |
Other Data |
Information you are interested in, suggestion information, safety information, risk consideration information, meeting attendance information, seminars, activities, service information and information necessary for the Company's business operations, etc. |
3. The Source of Personal Data
The Company collects Personal Data from the following sources:
3.1 Personal Data Received Directly from You
From contacting, customer registration, creating an account through the application, making a reservation, entering into a purchase or sale contract, requesting to rent space or request your various services or from the recruitment process business operator, providing information or filling out the quotation (Offer Form), supporting documents for store consideration, documents for requesting various services, bidding, submitting bidding envelopes, participating in marketing activities, participating in promotional activities through various channels, both physical or with information technology, employment application, registration of attending shareholders meeting including information and updates to your information while you still have relationship with the Company etc.
3.2 Personal Data Received from Other Sources
The Company may collect your Personal Data from other sources such as your broker, website, employees or officials, information from your secretary or coordinator government agency such as security registrar or that the Company receives from a third party that is involved in collecting, using, or disclosing Personal Data as ordered by or on behalf of the Company or from the request of the Company or from other sources as necessary as permitted by law.
3.3 Third Party’s Personal Data
The Company may receive third parties’ Personal Data who are related to you of which you are the person providing information to the Company, such as contacts, employees, staff, contractors, agents, or other persons whose information is used by the Company to enter into contracts, or for compliance with contractual requirements, to provide services to you or contact you in an emergency or to reference information that is useful to you. Please provide this Privacy Notice to such third parties to be informed of the Company's Privacy Notice and obtain consent from that person if necessary unless there is another legal requirement by law to disclose Personal Data of third parties to the Company without having to ask for consent.
3.4 Personal Data of Minor, the Quasi-Incompetent Persons, and the Incapacitated
The Company collects Personal Data of minors, virtually incapacitated person and incapacitated persons only with the consent of their parents, guardians, or guardians. The Company does not intend to collect Personal Data from persons under 20 (twenty) years of age without parental consent as required by law or from a quasi-incompetent person and an incompetent person without the consent of the legal guardian or guardian, as the case may be. In the event that the Company knows that it has collected Personal Data from any person under 20 (twenty) years of age without parental consent as required by law or from a quasi-incompetent person and an incompetent person without the consent of the legal guardian or guardian, as the case may be, inadvertently, the Company will immediately delete that Personal Data or will collect, use and/or disclose Personal Data only if there is a legal basis other than consent or as permitted by law.
3.5 Cookies Personal Data
When you visit the Company's website, this information helps the Company provides a better, faster, safer service and for your privacy when you use the service and/or enter the platform.
4. Basis for Processing Personal Data
The Company collects, uses, or discloses your Personal Data for the following purposes under the data processing basis:
4.1 Contractual Basis
For the performance of a contract to which you are a party, such as a space rental contract, space service contract, central service contract, contract for making things, employment contract, contract for hiring various services or any other contract in order to perform the contract or before entering into the contract, as the case may be.
4.2 Legal Obligation
To perform duties as required by law, such as Revenue Code, Computer Crime Act B.E. 2550 and other related laws that the Company is required to comply.
4.3 Legitimate Interest
For legitimate interest of the Company without going over your fundamental rights and freedoms rights that may be reasonably expected by you.
4.4 Consent
In case where your consent is required by law or the Company does not have a need to process your Personal Data using the aforementioned legal basis, the Company will request for your consent.
5. Disclosure of Personal Data
To accomplish the purposes specified in this Privacy Policy. The following divisions within the Company, the Subsidiary Company, the individual, or other organizations may receive disclosures or emails containing your Personal Data:
5.1 Inside the Company
Any departments within the Company may receive or be disclosed of your Personal Data. Your Personal Data will only be disclosed to those who are relevant and necessary to perform their work within the purpose such as IT/ computer department, administrative department, legal department, accounting department will be given permission as required and appropriate.
5.2 Outside the Company
The following are examples of outside organizations to whom your Personal Data could be given or disclosed such as Governmental, regulatory, or other organizations as required by law such as Revenue Department, Legal Execution Department, or other agencies by virtue of laws, the Subsidiary Company, agents, contractors/subcontractors, financial institutions, prospective investors, service providers such as legal service, outside auditor, IT service who provide advises in various field, juristic person management, mail/package delivery service, the Company’s representatives or the Individuals who is responsible to act on behalf of the Company, including Data Processor of the Company. However, when the Company employs outside agencies for services, the Company is responsible for ensuring that these service providers adhere to legal requirements and that your Personal Data is safeguarded with appropriate measures.
6. Transferring or Sending Personal Data Abroad
As part of the Company's business operations, the Company may be required to communicate or transfer your Personal Data to other recipients, such as sending or transferring Personal Data to be held on servers or Cloud systems abroad. The Company will take legal requirements for Personal Data protection into account when determining whether the destination nation meets such criteria.
7. Your Personal Data Retention and Length of Retention
Your Personal Data will be kept on file by the Company as long as you still have relationship with the Company, or as long as it takes to accomplish the specified goals as outlined in this Privacy Policy. If necessary or authorized by law, the Company may be compelled to keep it beyond that.
When it is no longer required or at the end of the specified term, the Company will delete, erase, or otherwise render non-personally identifiable data of your Personal Data.
8. The Safeguarding of Your Personal Data
The Company will procure appropriate safeguard measure in order to protect the loss, unauthorized or illegal access, use, change, modify or disclose your Personal Data and ensure appropriate confidentiality, integrity, availability of your Personal Data. The Company has put in place protective measures for safeguarding, organizational measures, technical measures, physical measures for maintaining appropriate safeguard Personal Data processing. As required and appropriate, the Company has revised these policies, rules, and standards on a regular basis. Furthermore, it is the responsibility of executives, employees, contractors, agents, consultants, and other people who receive information from the Company to uphold the Personal Data in accordance with the Company's established measures.
9. The Data Owner's Rights
The rights in this section mean your legal rights regarding your Personal Data which you may request to exercise these rights with the Company under the conditions specified by law and the Company's rights management process, including: The Right to Withdraw Consent, The Right to Access Personal Data, The Right to Transfer Personal Data, The Right to Protest Data Processing, The Right to Request Deletion or Destruction of Personal Data, The Right to Request Suspension of Personal Data, The Right to Update Personal Data and The Right to Complain.
10.Privacy Notice
The Company recognizes the importance of protecting Personal Data of people who have relationships with the Company in every part, therefore, it has been arranged Privacy Notices that have a direct relationship with you, such as privacy notices for customers, partners, and those with business relationships. Privacy Notice for Shareholders, privacy notice for job applicants and personnel, etc. Please study the privacy notices that are directly relevant to you.
11. The Appropriate Authority
If you have a complaint to make or believe the Company hasn't handled your issue satisfactorily, you may contact and/or make a complain to The Office of the Personal Data Protection Committee (PDPC) using the information provided below:
Phone number 02 141 6996 or 02 142 1033
Email saraban@pdpc.or.th
Website https://www.pdpc.or.th
Address The Office of the Personal Data Protection Committee
120 Moo 3, Ratthaprasasanabhakti Building (Building B),
Chaengwattana Government Complex, Chaengwattana Road,
Thung Song Hong Subdistrict, Lak Si District, Bangkok 10210
12. The Company Contact
If you have any recommendations or questions concerning the collection, use, and dissemination of your Personal Data, you may also ask to exercise your legal options in accordance with this privacy notice. The following methods are available for contacting the Company:
Data Protection Officer: DPO
E-mail dpo@major.co.th
Website https://www.major.co.th/
Address 141 Soi Sukhumvit 63 (Ekkamai), Sukhumvit Road,
Khlong Tan Nuea Subdistrict, Watthana District, Bangkok
13. The Update of the Personal Data Protection Policy
The Company reserves the right to update, change or amend this personal data protection policy in order to comply with relevant guidelines and laws and regulations. However, if there are any changes to this Privacy Policy, the Company will notify you by posting the information on the Company's website.
14. Customer, Partner, Contractor, Service Recipient, and Business Partner Privacy Notice
15. Stakeholder Privacy Notice
16. Candidate and Personnel Privacy Notice
18. Cookies Policy
Latest updated on 11.10.2023
Published on 24.08.2023