1. INTRODUCTION
1.1 Welcome to the NOSTRA LOGISTICS platform run by GIS Co., Ltd. and its affiliates and affiliates (individually and collectively, “GIS”, “we”, “us” or “our”). GIS takes its responsibilities under applicable privacy laws and regulations (“Privacy Laws”) seriously and is committed to respecting the privacy rights and concerns of all users of our NOSTRA LOGISTICS website (the “Site”) (we refer to the Site and the services we provide as described in our Site collectively as the “Services”). We recognize the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data. This Privacy Policy (“Privacy Policy” or “Policy”) is designed to assist you in understanding how we collect, use, disclose and/or process the personal data you have provided to us and/or we possess about you, whether now or in the future, as well as to assist you in making an informed decision before providing us with any of your personal data. Please read this Privacy Policy carefully. If you have any questions regarding this information or our privacy practices, please see the section entitled “Questions, Concerns or Complaints? Contact Us” at the end of this Privacy Policy.
1.2 “Personal Data” or “personal data” means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organization has or is likely to have access.
1.3 By using the Services, visiting our website, or accessing the Services, you acknowledge and agree that you accept the practices, requirements, and/or policies outlined in this Privacy Policy, and you hereby consent to us collecting, using, disclosing and/or processing your personal data as described herein. IF YOU DO NOT CONSENT TO THE PROCESSING OF YOUR PERSONAL DATA AS DESCRIBED IN THIS PRIVACY POLICY, PLEASE DO NOT USE OUR SERVICES OR ACCESS OUR SITE. If we change our Privacy Policy, we will post those changes or the amended Privacy Policy on our Site. We reserve the right to amend this Privacy Policy at any time.
2.WHEN WILL GIS COLLECT PERSONAL DATA?
2.1 We will/may collect personal data about you:
(a) when you register and/or use our Services or Site with us;
(b) when you submit any form, including, but not limited to, application forms or other forms relating to any of our products and services, whether online or by way of a physical form;
(c) when you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our products and Services;
(d) when you interact with us, such as via telephone calls (which may be recorded), letters, fax, face-to-face meetings, social media platforms and emails;
(e) when you use our electronic services, or interact with us via our Site or Services. This includes, without limitation, through cookies which we may deploy when you interact with our Service or Site;
(f) when you carry out transactions through our Services;
(g) when you provide us with feedback or complaints;
(h) when you register, agree and/or participate in contest and/or sales promotion with us, our partners and/or our affiliates;
(i) when you visit or use websites and applications of our partners or affiliates;
(j) when you visit or use a third party’s website and application related to us;
(k) when you link your account with a third party’s website or application to our Site; or
(l) when you submit your personal data to us for any reason.
The above does not purport to be exhaustive and sets out some common instances of when personal data about you may be collected.
2.2 We may collect, use disclose and/or process this information only for the Purposes (defined below).
3. WHAT PERSONAL DATA WILL GIS COLLECT?
3.1 The personal data that GIS may collect includes but is not limited to:
– name;
– email address;
– address appearing on ID card or passport;
– billing address;
– bank account and payment information;
– telephone number;
– ID card number or passport number
– IP address
– any other information about you when you sign up to use our Services or Site, and when the you use the Services or Site, as well as information related to how you use our Services or Site;
– information received or related to device that you use to access to our Service and/or Site;
– details of your account given to websites ore applications of a third party you engage with via our Site; and
– aggregate data on content the User engages with.
3.2 As mentioned in Clause 2, we may receive your information/personal data and activities, whether or not on NOSTRA LOGISTICS’s platform, from our affiliates and/or partners who are third parties such as information from our affiliates and/or partners collaborating with us to offer you services and/or sales promotion or information from advertiser related to experience or interact with them, including websites and applications you visited.
3.3 If you do not want us to collect the aforementioned information/personal data, you may opt out at any time by notifying our Data Protection Officer in writing about it. Further information on opting out can be found in the section below entitled “How can you opt-out, remove, request access to or modify information you have provided to us?”. Note, however, that opting out of us collecting your personal data or withdrawing your consent for us to collect, use or process your personal data may affect your use of the Services.
3.4 When you use a third party’s applications, websites or other services provided on or collaborated with our Services, such third party may receive your data or information posted or shared by you.
4. VIEWING WEB PAGES
As with most websites, your device sends information which may include personal data about you that gets logged by a web server when you browse our Site. This typically includes without limitation your computer’s IP address, operating system, browser name/version, the referring web page, requested page, date/time, and sometimes a “cookie” (which can be disabled using your browser preferences) to help the site remember your last visit. If you are logged in, this information is associated with your personal account. The information is also included in anonymous statistics to allow us to understand how visitors use our Site.
5. COOKIES
5.1 We may from time to time implement “cookies” or other features to allow us or third parties to collect or share information that will help us improve our Site and the Services we offer, or help us offer new services and features. “Cookies” are identifiers we transfer to your computer or mobile device that allow us to recognize your computer or device and tell us how and when the Services or website are used or visited, by how many people and to track movements within our website. We may link cookie information to personal data. Cookies also link to information regarding what items you have selected for purchase and pages you have viewed. This information is used to keep track of your shopping cart, for example. Cookies are also used to deliver content specific to your interest and to monitor website usage.
5.2 You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this you may not be able to use the full functionality of our Site or the Services.
6. VIEWING AND DOWNLOADING CONTENT AND ADVERTISING
As with browsing web pages, when you watch content and advertising and access other software on our Site or through the Services, most of the same information is sent to us (including, without limitation, IP Address, operating system, etc.); but, instead of page views, your computer sends us information on the content, advertisement viewed and/or software installed by the Services and the website and time.
7. COMMUNITY & SUPPORT
7.1 We provide customer service support through email and feedback forms. In order to provide customer support, we will ask for your email address and mobile phone number. We only use information received from customer support requests, including, without limitation, email addresses, for customer support services and we do not transfer to or share this information with any third parties.
8. SURVEYS
From time-to-time, we may request information from users via surveys. Participation in these surveys is completely voluntary and you therefore have a choice whether or not to disclose your information to us. Information requested may include, without limitation, contact information (such as your email address), and demographic information (such as interests or age level). Survey information will be used for the purposes of monitoring or improving the use and satisfaction of the Services and will not be transferred to third parties, other than our contractors who help us to administer or act upon the survey.
9. HOW DO WE USE THE INFORMATION YOU PROVIDE US?
9.1 We may collect, use, disclose and/or process your personal data for one or more of the following purposes:
(a) to consider and/or process your application/transaction with us or your transactions
(b) to manage, operate, provide and/or administer your use of and/or access to our Services and our website, as well as your relationship and user account with us;
(c) to manage, operate, administer and provide you with as well as to facilitate the provision of our Services, including, without limitation, remembering your preferences;
(d) to respond to, process, deal with or complete a transaction and/or to fulfil your requests for certain products and services and notify you of service issues and unusual account actions;
(e) to enforce our Terms of Service or any applicable end user license agreements;
(f) to protect personal safety and the rights, property or safety of others;
(g) for identification and/or verification;
(h) to maintain and administer any software updates and/or other updates and support that may be required from time to time to ensure the smooth running of our Services;
(i) to deal with or facilitate customer service, carry out your instructions, deal with or respond to any enquiries given by (or purported to be given by) you or on your behalf;
(j) to contact you or communicate with you via voice call, text message and/or fax message, email and/or postal mail or otherwise for the purposes of administering and/or managing your relationship with us or your use of our Services, such as but not limited to communicating administrative information to you relating to our Services. You acknowledge and agree that such communication by us could be by way of the mailing of correspondence, documents or notices to you, which could involve disclosure of certain personal data about you to bring about delivery of the same as well as on the external cover of envelopes/mail packages;
(k) to conduct research, analysis and development activities (including, but not limited to, data analytics, surveys, product and service development and/or profiling), to analyst how you use our Services, to improve our Services or products and/or to enhance your customer experience;
(m) where you give us your prior consent, marketing and promotional information and materials relating to products and/or services (including, without limitation, products and/or services of third parties whom GIS may collaborate or tie up with) for marketing and in this regard, to send you by various modes of communication such as postal mail, email, location-based services or otherwise, that GIS (and/or its affiliates or related corporations) may be selling, marketing or promoting, whether such products or services exist now or are created in the future.
(n) to respond to legal processes or to comply with or as required by any applicable law, governmental or regulatory requirements of any relevant jurisdiction, including, without limitation, meeting the requirements to make disclosure under the requirements of any law binding on GIS or on its related corporations or affiliates;
(o) to produce statistics and research for internal and statutory reporting and/or record-keeping requirements;
(p) to carry out due diligence or other screening activities (including, without limitation, background checks) in accordance with legal or regulatory obligations or our risk management procedures that may be required by law or that may have been put in place by us;
(q) to audit our Services or GIS’s business;
(r) to prevent or investigate any fraud, unlawful activity, omission or misconduct, whether relating to your use of our Services or any other matter arising from your relationship with us, and whether or not there is any suspicion of the aforementioned;
(s) to store, host, back up (whether for disaster recovery or otherwise) of your personal data, whether within or outside of your jurisdiction;
(t) to deal with and/or facilitate a business asset transaction or a potential business asset transaction, where such transaction involves GIS as a participant or involves only a related corporation or affiliate of GIS as a participant or involves GIS and/or any one or more of GIS’s related corporations or affiliates as participant(s), and there may be other third party organizations who are participants in such transaction. A “business asset transaction” refers to the purchase, sale, lease, merger, amalgamation or any other acquisition, disposal or financing of an organization or a portion of an organization or of any of the business or assets of an organization; and/or
(u) any other purposes which we notify you of at the time of obtaining your consent.
(collectively, the “Purposes”).
9.2 As the purposes for which we will/may collect, use, disclose or process your personal data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted by the Privacy Laws.
10. HOW DOES GIS PROTECT CUSTOMER INFORMATION?
We implement a variety of security measures to ensure the security of your personal data on our systems. Your personal data is contained behind secured networks and is only accessible by a limited number of employees who have special access rights to such systems. We will retain personal data in accordance with the Privacy Laws and/or other applicable laws. That is, we will destroy or anonymize your personal data as soon as it is reasonable to assume that (i) the purpose for which that personal data was collected is no longer being served by the retention of such personal data; and (ii) retention is no longer necessary for any legal or business purposes. If you cease using the Site, or your permission to use the Site and/or the Services is terminated, we may continue storing, using and/or disclosing your personal data in accordance with this Privacy Policy and our obligations under the Privacy Laws. Subject to applicable law, we may securely dispose of your personal data without prior notice to you.
11. DOES GIS DISCLOSE THE INFORMATION IT COLLECTS FROM ITS VISITORS TO OUTSIDE PARTIES?
11.1 In conducting our business, we will/may need to disclose your personal data to our third party service providers, agents and/or our affiliates or related corporations, and/or other third parties, whether sited in Thailand or outside , for one or more of the above-stated Purposes. Such third party service providers, agents and/or affiliates or related corporations and/or other third parties would be processing your personal data either on our behalf or otherwise, for one or more of the above-stated Purposes. Such third parties include, without limitation:
(a) our subsidiaries, affiliates and related corporations;
(b) contractors, agents, service providers and other third parties we use to support our business. These include but are not limited to those which provide administrative or other services to us such as mailing houses, telecommunication companies, information technology companies and data centers;
(c) a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of GIS’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by GIS about our Service users is among the assets transferred; and/or
(d) third parties to whom disclosure by us is for one or more of the Purposes and such third parties would in turn be collecting and processing your personal data for one or more of the Purposes
11.2 This may require, among other things, share statistical and demographic information about our users and their use of the Services with suppliers of advertisements and programming. This would not include anything that could be used to identify you specifically or to discover individual information about you.
11.3 For the avoidance of doubt, in the event that Privacy Laws or other applicable laws permit an organization such as us to collect, use or disclose your personal data without your consent, such permission granted by the laws shall continue to apply.
11.4 Third parties may unlawfully intercept or access personal data transmitted to or contained on the site, technologies may malfunction or not work as anticipated, or someone might access, abuse or misuse information through no fault of ours. We will nevertheless deploy reasonable security arrangements to protect your personal data as required by the Privacy Laws; however, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorized disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.
12. INFORMATION COLLECTED BY THIRD PARTIES
12.1 Our Site uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies, which are text files placed on your computer, to help the website analyst how users use the Site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
12.2 We, and third parties, may from time to time make software applications downloads available for your use on or through the Services. These applications may separately access, and allow a third party to view, your identifiable information, such as your name, your user ID, your computer’s IP Address or other information such as any cookies that you may previously have installed or that were installed for you by a third party software application or website. Additionally, these applications may ask you to provide additional information directly to third parties. Third party products or services provided through these applications are not owned or controlled by GIS. You are encouraged to read the terms and other policies published by such third parties on their websites or otherwise.
13. DISCLAIMER REGARDING SECURITY AND THIRD PARTY SITES
13.1 WE DO NOT GUARANTEE THE SECURITY OF PERSONAL DATA AND/OR OTHER INFORMATION THAT YOU PROVIDE ON THIRD PARTY SITES. We do implement a variety of security measures to maintain the safety of your personal data that is in our possession or under our control. Your personal data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the personal data confidential. When you place orders or access your personal data, we offer the use of a secure server. All personal data or sensitive information you supply is encrypted into our databases to be only accessed as stated above.
13.2 In an attempt to provide you with increased value, we may choose various third party websites to link to, and frame within, the Site. We may also participate in co-branding and other relationships to offer e-commerce and/or other services and features to our visitors. These linked sites have separate and independent privacy policies as well as security arrangements. Even if the third party is affiliated with us, we have no control over these linked sites, each of which has separate privacy and data collection practices independent of us. Data collected by our co-brand partners or third party web sites (even if offered on or through our Site) may not be received by us.
13.3 We therefore have no responsibility or liability for the content, security arrangements (or lack thereof) and activities of these linked sites. These linked sites are only for your convenience and you therefore access them at your own risk. Nonetheless, we seek to protect the integrity of our Site and the links placed upon each of them and therefore welcome any feedback about these linked sites (including, without limitation, if a specific link does not work).
14. HOW CAN YOU OPT-OUT, REMOVE, REQUEST ACCESS TO OR MODIFY INFORMATION YOU HAVE PROVIDED TO US?
14.1 Opting Out and Withdrawing Consent
14.1.1 You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control by sending an email to our Personal Data Protection Officer at the email address listed below in Section 15.1.
14.1.2 Once we have your clear withdrawal instructions and verified your identity, we will process your request for withdrawal of consent, and will thereafter not collect, use and/or disclose your personal data in the manner stated in your request. If we are unable to verify your identity or understand your instructions, we will liaise with you to understand your request.
14.1.3 However, your withdrawal of consent could result in certain legal consequences arising from such withdrawal. In this regard, depending on the extent of your withdrawal of consent for us to process your personal data, it may mean that we will not be able to continue providing the Services to you, we may need to terminate your existing relationship and/or the contract you have with us, etc., as the case may be, which we will inform you of.
14.2 Requesting Access and/or Correction of Personal Data
14.2.1 If you have an account with us, you may personally access and/or correct your personal data currently in our possession or control through the Account Settings page on the Site. If you do not have an account with us, we do not have your personal data.
14.2.2 For a request to access personal data, once we have sufficient information from you to deal with the request, we will seek to provide you with the relevant personal data within 30 days Where we are unable to respond to you within the said 30 days , we will notify you of the soonest possible time within which we can provide you with the information requested. Note that Privacy Laws may exempt certain types of personal data from being subject to your access request.
14.2.3 For a request to correct personal data, once we have sufficient information from you to deal with the request, we will:
(a) correct your personal data within 30 days .Where we are unable to do so within the said period, we will notify you of the soonest practicable time within which we can make the correction. Note that Privacy Laws may exempt certain types of personal data from being subject to your correction request as well as provides for situation(s) when correction need not be made by us despite your request; and
14.2.5 To the extent permitted by law, we will/may also be charging you a reasonable fee for the handling and processing of your requests to access your personal data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your access request unless you have agreed to pay the fee.
14.2.6 We reserve the right to refuse to correct your personal data in accordance with the provisions as set out in Privacy Laws, where they require and/or entitle an organization to refuse to correct personal data in stated circumstances.
15. QUESTIONS, CONCERNS OR COMPLAINTS? CONTACT US
15.1 If you have any questions or concerns about our privacy practices or your dealings with the Services, please do not hesitate to contact: dpo@cdg.co.th
15.2 Where it is an email or a letter through which you are submitting a complaint, your indication at the subject header that it is a Privacy Law complaint would assist us in attending to your complaint speedily by passing it on to the relevant staff in our organization to handle. For example, you could insert the subject header as “Privacy Complaint”.
We will certainly strive to deal with any complaint or grievance that you may have fairly and as soon as possible.
16. TERMS AND CONDITIONS
Please also read the Terms of Service establishing the use, disclaimers, and limitations of liability governing the use of the Site and the Services and other related policies.
April 2022
การเคารพสิทธิในความเป็นส่วนตัวของท่าน
บริษัท จีไอเอส จำกัด ตระหนักดีว่าท่านมีความประสงค์ที่จะได้รับความปลอดภัยสูงสุดในสิทธิความเป็นส่วนตัวของท่าน บริษัทฯ จึงให้ความสำคัญ และ เคารพสิทธิในความเป็นส่วนตัวของท่าน ในการดำเนินการเก็บรวมรวม ใช้ ประมวลผลและเปิดเผยข้อมูลส่วนบุคคลของท่าน ที่สามารถระบุตัวตนของท่านได้ อาจรวมถึง ชื่อ นามสกุล วันเดือนปีเกิด สถานภาพสมรส เลขประจำตัวประชาชน เลขหนังสือเดินทาง ที่อยู่ หมายเลขโทรศัพท์ อีเมล ไอดีไลน์ รูปถ่าย ภาพนิ่ง ภาพเคลื่อนไหว หมายเลขไอพีแอดเดรส แม็กแอดเดรส หรือไอดีคุ๊กกี้ หรือข้อมูลอื่นใดที่เป็นข้อมูลส่วนบุคคลภายใต้กฎหมายคุ้มครองข้อมูลส่วนบุคคล โดยบริษัทฯ จะดำเนินการโดยใช้มาตรการที่เข้มงวดในการรักษาความปลอดภัยตามวัตถุประสงค์ที่ท่านได้ให้ความยินยอมไว้เท่านั้น ตลอดจนป้องกันมิให้มีการนำข้อมูลส่วนบุคคลของท่านไปใช้โดยมิได้รับการอนุญาตจากท่านก่อน
การเก็บรวบรวม ใช้ และประมวลผลข้อมูลส่วนบุคคล
บริษัทฯ จะใช้ข้อมูลของท่านเพื่อประกอบการดำเนินธุรกิจที่เกี่ยวข้องกับประโยชน์ของท่านในฐานะผู้ติดต่อและ/หรือลูกค้า ตามวัตถุประสงค์ที่ปรากฎในตารางด้านล่างนี้ ซึ่งบางครั้งอาจเป็นการปฏิบัติตามสัญญา กฎหมายหรือกฎระเบียบที่เกี่ยวข้องด้วย
วัตถุประสงค์ในการใช้ | ระบุประเภทข้อมูลส่วนบุคคล
| ระยะเวลา |
เพื่อใช้ในการลงทะเบียนเพื่อรับข้อมูลสินค้าและบริการ ของบริษัทฯ | – ชื่อ สกุล – เบอร์ติดต่อ – หน่วยงาน – ที่อยู่ที่ทำงาน | 5 ปี |
การเปิดเผยข้อมูลส่วนบุคคล
บริษัทฯ จะไม่เปิดเผยข้อมูลส่วนบุคคลของท่าน ตลอดจนจะป้องกันมิให้มีการนำข้อมูลส่วนบุคคลของท่านไปใช้โดยพลการ ซึ่งอาจจะมีการเปิดเผยข้อมูลนั้น ๆ เป็นไปโดยถูกต้องตามกฎหมาย หรือตามคำสั่งของหน่วยงานรัฐที่เกี่ยวข้อง
บริษัทฯ จะเคร่งครัดไม่เปิดเผยข้อมูลส่วนบุคคลนอกเหนือจากที่ระบุไว้ เว้นแต่ได้รับความยินยอมจากท่าน
สิทธิที่เกี่ยวกับข้อมูลของท่าน
ท่านสามารถใช้สิทธิที่เกี่ยวกับข้อมูลของท่านโดยใช้ความเป็นของเจ้าของข้อมูลส่วนบุคคลของท่านตามที่บริษัทฯ แจ้งท่านไว้ในหนังสือฉบับนี้
สถานที่ติดต่อ และวิธีการติดต่อ
ในกรณีที่ท่านต้องการความช่วยเหลือจากบริษัทฯ หรือ หากมีข้อสงสัยใดๆ ที่เกี่ยวข้องกับสิทธิของท่าน สามารถติดต่อสอบถามผ่านทางช่องทางที่กำหนดไว้ ดังนี้
บริษัท จีไอเอส จำกัด
ที่อยู่ 202 ถนนนางลิ้นจี่ แขวงช่องนนทรี เขตยานนาวา กรุงเทพมหานคร 10120
โทรศัพท์: 02-678-0200
อีเมล์: dpo@cdg.co.th