[Download] Official letter appointing the DPO of AA Insurance Brokers Co., Ltd. (English)
[Download] Official letter appointing the DPO of AA Insurance Brokers Co., Ltd. (Thai)
Privacy Policy for Customer
AA Insurance Brokers Company Limited recognizes the
importance of the
protection of your personal data.
This Privacy Policy explains our practices
regarding
the collection, use or disclosure of personal data
including other
rights of the Data Subjects in
accordance with the Personal Data Protection
Laws.
Collection of Personal Data
We will collect your
personal data that we receive directly from you as
follows :
● your account registration
● telephone
number
● email address
● Facebook Login
●
Google Login
● LINE Login
● Twitter Login
●
LinkedIn Login
● Insurance Company Login Details
We may collect your personal data that we can access
from the other
source not directly from you such as
search engines, social media,
government authorities,
third parties, etc.
Types of Data Collected
Personal data such as name, surname, age, date of
birth, nationality,
identification card, passport,
etc.
Contact information such as address, telephone
number, e-mail address,
etc.
Account details such
as username, password, transactions history, etc.
Proof of identity such as copy of identification card,
copy of passport, etc.
Transaction and Financial
information such as purchase history, credit
card
details, bank account, etc.
Technical data such as IP
address, Cookie ID, Activity Log, etc.
Other such as
photo, video, and other information that is considered
personal data under the Personal Data Protection Laws.
We may collect, use or disclose your sensitive data that
is specially
categorized by law when we have obtained
explicit consent from you or
where necessary for us
as permissible under law. We may collect, use or
disclose your sensitive personal data as following:
●
health data
● disability
Any data which may affect
the data subject in the same manner, as
prescribed by
the Personal Data Protection Committee.
Children
If you are under the age of 20 or having legal
restrictions, we may collect
use or disclose your
personal data. We require your parents or guardian to
be aware and provide consent to us or allowed by
applicable laws. If we
become aware that we have
collected personal data from children without
verification of parental consent, we take steps to
remove that information
from our servers.
Storage of Data
We store your personal data as hard
copy and soft copy.
We store your personal data by
using the following systems:
● Our server in Thailand
● Our server outside of Thailand
● Third-party server
service providers outside of Thailand
Use of Data
We use the collected data for various purposes:
● To
create and manage accounts
● To provide products or
services
● To improve products, services, or user
experiences
● To share and manage information within
organization
● To conduct marketing activities and
promotions
● To provide after-sales services
● To
gather user’s feedback
● To process payments of
products or services
● To comply with our Terms and
Conditions
● To comply with laws, rules, and
regulatory authorities
Disclosure of Personal
Data
We may disclose your personal data to the
following parties in certain
circumstances:
Organization
We may disclose your personal data
within our organization to provide and
develop our
products or services. We may combine information
internally
across the different products or services
covered by this Privacy Policy to
help us be more
relevant and useful to you and others.
Service
Providers
We may use service providers to help us
provide our services such as
payments, marketing and
development of products or services. Please note
that
service providers have their own privacy policy.
Business Partners
In relation with our business
partners including but not limited to, Insurance
Companies and Insurance Providers, we may disclose
certain personal
data to them in order to coordinate
and provide our products or services to
you and
provide necessary information about the availability of
our
products or services.
Business Transfer
In connection with any reorganization, restructuring,
merger or acquisition,
or other transfer of assets,
we will transfer information, including certain
personal data regarding yourself, provided that the
receiving party agrees
to respect your personal data
in a manner that is consistent with this
Privacy
Policy and the Personal Data Protection Laws.
Law
Enforcement
Under certain circumstances, we may
be required to disclose your personal
data if
required to do so by law or in response to valid
requests by
government authority such as courts,
government authorities.
Cross-Border Data
Transfer
We may disclose or transfer your personal
data to third parties,
organizations or servers
located in foreign countries. We will take steps and
measures to ensure that your personal data is securely
transferred, and the
receiving parties have an
appropriate level of personal data protection
standard or as allowed by laws.
With respect to
transfers originating from the European Economic Area
(EEA) to the United States and other non-EEA
jurisdictions, we will have
appropriate solutions to
address cross-border transfers as required or
permitted by the General Data Protection Regulation.
Data Retention
We will retain your personal data
for as long as necessary including during
and after
the period you are a customer or under relationship with
us, or for
as long as necessary in connection with
the purposes set out in this Privacy
Policy, unless
law requires or permits a longer retention period. We
will
erase, destroy or anonymize your personal data
when it is no longer
necessary or when the period
lapses.
Data Subject Rights
Subject to the
Personal Data Protection Laws thereof, you may exercise
any of these rights in the following:
Withdrawal
of consent: If you have given consent to us to collect,
use or
disclose your personal data whether before or
after the effective date of the
Personal Data
Protection Laws, you have the right to withdraw such
consent at any time throughout the period your personal
data available to
us, unless it is restricted by laws
or you are still under beneficial contract.
Data
access: You have the right to access your personal data
that is under
our responsibility; to request us to
make a copy of such data for you; and to
request us
to reveal as to how we obtain your personal data.
Data portability: You have the right to obtain your
personal data if we
organize such personal data in
automatic machine-readable or usable
format and can
be processed or disclosed by automatic means; to request
us to send or transfer the personal data in such format
directly to other data
controllers if doable by
automatic means; and to request to obtain the
personal data in such format sent or transferred by us
directly to other data
controller unless not
technically feasible.
Objection: You have the
right to object to collection, use or disclosure of
your personal data at any time if such doing is
conducted for legitimate
interests of us, corporation
or individual which is within your reasonable
expectation; or for carrying out public tasks.
Data erasure or destruction: You have the right to
request us to erase,
destroy or anonymize your
personal data if you believe that the collection,
use
or disclosure of your personal data is against relevant
laws; or
retention of the data by us is no longer
necessary in connection with related
purposes under
this Privacy Policy; or when you request to withdraw
your
consent or to object to the processing as
earlier described.
Suspension: You have the right
to request us to suspend processing your
personal
data during the period where we examine your
rectification or
objection request; or when it is no
longer necessary and we must erase or
destroy your
personal data pursuant to relevant laws but you instead
request us to suspend the processing.
Rectification: You have the right to rectify your
personal data to be
updated, complete and not
misleading.
Complaint lodging: You have the right
to complain to competent
authorities pursuant to
relevant laws if you believe that the collection, use
or disclosure of your personal data is violating or not
in compliance with
relevant laws.
If you are
in the European Economic Area (EEA) you have the rights
as
mentioned above and also you have the right to
lodge a complaint with the
local data protection
authority if you believe that we have not complied with
applicable Personal Data Protection laws.
You can
exercise these rights as the Data Subject by contacting
our Data
Protection Officer as mentioned on our
website. We will notify the result of
your request
within 30 days upon receipt of such request. If we deny
the
request, we will inform you of the reason via
SMS, email address,
telephone, registered mail (if
applicable).
Advertising and Marketing
To
enable you to receive benefits from using our products
or services, we
use your personal data to analyze,
personalize and enhance our products
or services, and
marketing efforts through, including but not limited to,
Google, Facebook, pixel tracking code and others. We use
such
information to provide you with customized and
personalized
recommendations for products or services
we think will be of interest to
you.
We do not use
automated decision-making without human intervention,
including profiling, in a way that produces legal
effects concerning you or
otherwise significantly
affects you.
We may send certain information or
newsletter for the purpose of utilizing
your
preference via your email. If you no longer want to
receive the
communications from us, you can click the
"unsubscribe" link in the email
or contact
us through our email.
Cookies
To enrich and
perfect your experience, we use cookies or similar
technologies to display personalized content,
appropriate advertising and
store your preferences on
your computer. We use cookies to identify and
track
visitors, their usage of our website and their website
access
preferences. If you do not wish to have
cookies placed on your computer
you should set your
browsers to refuse cookies before using our website.
Data Security
We endeavor to protect your
personal data by establishing security
measures in
accordance with the principles of confidentiality,
integrity, and
availability to prevent loss,
unauthorized or unlawful access, destruction,
use,
alteration, or disclosure including administrative
safeguard, technical
safeguard, physical safeguard
and access controls.
Data Breach Notification
We will notify the Office of the Personal Data
Protection Committee without
delay and, where
feasible, within 72 hours after having become aware of
it,
unless such personal data breach is unlikely to
result in a risk to the rights
and freedoms of
yourself. If the personal data breach is likely to
result in a
high risk to the rights and freedoms of
yourself, we will also notify the
personal data
breach and the remedial measures to you without delay
through our website, SMS, email address, telephone or
registered mail (if
applicable).
Changes to
this Privacy Policy
We may change this Privacy Policy
from time to time. Any changes of this
Privacy
Policy, we encourage you to frequently check on our
website.
This Privacy Policy was last updated and
effective on 1st July 2022.
Links to Other Sites
The purpose of this Privacy Policy is to offer products
or services and use
of our website. Any websites from
other domains found on our site is
subject to their
privacy policy which is not related to us.
Contact Information
If you have any questions about
this Privacy Policy or would like to exercise
your
rights, you can contact us by using the following
details:
Data Controller
AA Insurance Brokers
Company Limited
565/62 Moo 10 Soi Next to Big C South
Pattaya, Nong Prue, Bang
Lamung, Chon Buri, 20150
welcome@aainsure.net
www.aainsure.net
038415795
Data Protection Officer
DPO Team
565/62 Moo 10
Soi Next to Big C South Pattaya, Nong Prue, Bang
Lamung, Chon Buri, 20150
welcome@aainsure.net
038415795
[Downloads]
PDPADotPro - Privacy Policy - EN - Text content of this page.
PDPADotPro - Privacy Policy - TH – Text content of this page
PDPADotPro - Cookie Privacy Policy - EN -
vEdited-v2Final.docx
PDPADotPro - Cookie Privacy Policy - TH – vEdited.docx
PDPADotPro - CCTV Privacy Policy - EN – vEdited.docx
PDPADotPro - CCTV Privacy Policy - TH – vEdited.docx
PDPADotPro - HR Privacy Policy - EN -
vEdited-v2Final.docx
PDPADotPro - HR Privacy Policy - TH – vEdited.docx
Online PDPA Exclusion
FORM
