Skip to content

บริษัท ขนส่ง จำกัด
THE TRANSPORT CO.,LTD​

ช่องทางติดต่อ
(Contact channels)
Facebook-messenger Line
หน้าแรก > About TCL. > Privacy Policy and Terms > Privacy Policy
Privacy Policy
  • 19 December 2024

Privacy Policy

  • 19 December 2024

1. Introduction

The Transport Co., Ltd. (hereinafter referred to in this policy as “TCL” or “the Organization”) recognizes the importance of personal data and other information related to you (collectively referred to as “Data”). To ensure your trust, TCL emphasizes transparency and accountability in the collection, use, or disclosure of your data, in compliance with the Personal Data Protection Act B.E. 2562 (2019) (“Personal Data Protection Law”) and other relevant laws.

This Personal Data Protection Policy (“Policy”) has been established to clarify the details regarding the collection, use, or disclosure (collectively referred to as “Processing”) of personal data conducted by TCL, its employees, and individuals acting on behalf of TCL. The key contents are as follows:

2. Scope of Policy Enforcement

This Policy applies to the personal data of individuals currently or potentially associated with TCL. The data is processed by TCL, its officers, contractual employees, business units, or other entities operating under TCL, including contractors or external parties processing data on behalf of TCL (“Personal Data Processors”). This includes data handled across TCL’s products and services, such as websites, systems, applications, documents, or other services controlled by TCL (collectively referred to as “Services”).

Individuals associated with TCL, as defined above, include:

  1. Individual customers.
  2. Officials, workers, or employees.
  3. Business partners and service providers who are individuals.
  4. Directors, proxies, representatives, agents, shareholders, or employees of legal entities connected to TCL.
  5. Users of TCL’s products or services.
  6. Visitors or users of TCL’s website www.transport.co.th, systems, applications, devices, or other communication channels controlled by TCL.
  7. Other individuals from whom TCL collects personal data, such as job applicants, families of employees, guarantors, and beneficiaries of insurance policies.

Items 1 through 7 are collectively referred to as “You”.

In addition to this policy, TCL may issue Privacy Notices for specific products or services to explain the personal data being processed, the legal purposes for processing, the retention periods, and the rights of data owners.

In the event of any significant conflict between this Policy and a Privacy Notice, the terms of the Privacy Notice for the specific service shall prevail.

3. Definitions

  • TCL: Refers to Transport Co., Ltd.

  • Personal Data: Refers to information about an individual that directly or indirectly identifies that person, excluding information about deceased persons.

  • Sensitive Personal Data: Refers to data as defined under Section 26 of the Personal Data Protection Act B.E. 2562, including:

    • Racial or ethnic origin
    • Political opinions
    • Religious or philosophical beliefs
    • Sexual orientation
    • Criminal records
    • Health data
    • Disability status
    • Trade union membership
    • Genetic and biometric data
    • Other data impacting the personal data owner as specified by the Personal Data Protection Committee.

  • Personal Data Processing: Refers to any operation performed on personal data, such as collection, recording, copying, organization, storage, modification, use, retrieval, disclosure, transfer, publication, merging, deletion, or destruction.

  • Personal Data Owner: Refers to an individual who owns the personal data collected, used, or disclosed by TCL.

  • Personal Data Controller: Refers to a person or legal entity with the authority to decide on the collection, use, or disclosure of personal data.

  • Personal Data Processor: Refers to a person or legal entity processing personal data on behalf of, or under the instructions of, the personal data controller. The processor does not act as the controller.

4. Sources of Personal Data Collected by TCL

TCL collects various types of personal data from the following sources:

  1. Direct Data Collection: Data provided directly by the data owner through TCL’s service channels, such as registration, application, employment processes, contract signing, surveys, or product and service usage. This includes when the data owner contacts TCL via offices or other controlled communication channels.

  2. Data Collected During Service Use: Data gathered when the data owner uses TCL’s websites, products, or services. This includes behavior tracking through Cookies or software on user devices.

  3. Data from External Sources: Personal data obtained from sources other than the data owner, where the source has a lawful basis, authority, or the data owner’s consent to disclose the data to TCL. Examples include:

    • Integration of digital services from government agencies for public benefit.
    • Receiving data from other government agencies under TCL’s mission to establish a central data exchange to support public service delivery.
    • Exchange of data with contractual agencies to fulfill service agreements.

If you provide third-party personal data to TCL, you are responsible for:

  • Informing the third party about the details outlined in this Policy or related service Privacy Notices.
  • Obtaining consent from the third party when necessary for disclosure to TCL.

Failure to provide necessary personal data may result in TCL’s inability to deliver services in whole or in part.

5. Legal Basis for Personal Data Collection

TCL determines the appropriate legal basis for collecting your personal data based on the context of the services provided. The legal bases for TCL’s collection of personal data include:

Legal Basis for Data Collection Details
For the execution of tasks for public interest or the exercise of state authority assigned to TCL. To enable TCL to operate under state assignments and carry out tasks for public benefit in accordance with legal provisions. Examples include: the Digital Government Administration and Services Act B.E. 2562, and other relevant laws, regulations, rules, and state orders.
For compliance with legal obligations

To enable TCL to comply with obligations set forth by applicable laws. Examples include:

– Collecting computer traffic data as per the Computer Crime Act B.E. 2560.

– The Accounting Act B.E. 2543.

– Tax-related laws, including court orders or other legal mandates.
For legitimate interests under the law For the legitimate interests of TCL or others. These legitimate interests must not override the fundamental rights and freedoms of the individual whose personal data is being collected. Examples include ensuring security at TCL facilities or processing personal data for organizational management purposes.
For the prevention or suppression of danger to life, body, or health of individuals To prevent or suppress harm or danger to life, body, or health. Examples include processing personal data for emergency healthcare services under government policies.
For the performance of a contract To enable TCL to fulfill contractual obligations or facilitate actions required before entering into a contract with individuals. Examples include employment agreements, service provision, or other agreements related to TCL operations.
For significant statistical or archival purposes To enable TCL to organize or support critical statistical or archival tasks, such as conducting statistical surveys or preparing official reports for public administration purposes.
With your consent To collect personal data when explicit consent is provided by the data owner. TCL may request consent to process data for specific purposes, such as marketing, service development, or any activities that require explicit approval. Individuals can withdraw consent at any time, in accordance with the Personal Data Protection Act B.E. 2562 and other applicable regulations.

                   

In Cases Where TCL Needs to Collect Personal Data

If TCL is required to collect your personal data for the performance of a contract, compliance with legal obligations, or for necessary steps to enter into a contract, refusal to provide such data or objections to data processing for the specified purposes may prevent TCL from delivering services or fulfilling requests, either in part or in full.

6. Types of Personal Data Collected by TCL

TCL may collect or obtain the following types of personal data, which may include your personal information. The data collected depends on the services you use, the nature of your relationship with TCL, and other considerations relevant to the collection of personal data. The types of data listed below serve as a general framework for data collection, with only information relevant to the product or service you use or interact with being applicable:

Type of Personal Data Details and Examples
Personal Identification Data Personal details such as full name, title, surname, nickname, signature, identification card number, passport number, nationality, gender, tax identification number, professional registration number, insurance policy number, and other identifiers.
Personal Characteristics Data Details about your personal traits, such as date of birth, gender, blood type, age, marital status, physical appearance, facial recognition data, voice, spoken language, behavioral data, opinions, and abilities (e.g., knowledge and skills).
Contact Information Contact details, such as phone numbers, fax numbers, address, email, location details, and online communication data (e.g., Line ID, MS Teams), or workplace details.
Employment and Education Data Employment and educational background, such as occupation, career details, work position, job title, work history, workplace location, work identification number, salary, work schedule, benefits, skills, training records, education institution, academic qualifications, and graduation dates.
Financial and Insurance Information Insurance-related details, such as policyholders, beneficiaries, policy reference numbers, and types of insurance.
Social Relationship Data Social relationship details, such as marital status, family relationships, personal connections, information on companions, and related social engagement with TCL services.
Service Usage Data Details of the usage of TCL products or services, such as usernames, PIN codes, Single Sign-On (SSO ID), OTP codes, and purchase and payment data. This includes website activity, user behavior on TCL platforms (e.g., www.transport.co.th), IP addresses, device IDs, operating systems, and other relevant usage data.
Sensitive Personal Data Sensitive personal data that may include, for example, health records, political opinions, biometric data, criminal records, or other data as specified by law.

7. Cookies

TCL collects and uses cookies and similar technologies on websites under its management, such as www.transport.co.th, or on your devices, depending on the services you use. These cookies are used to:

  • Ensure service security.
  • Provide you with a convenient and improved user experience.

The information collected helps TCL enhance its website to better suit your needs. You can configure or delete cookies yourself via your web browser settings.

8. Personal Data of Minors, Incompetent Persons, and Quasi-Incompetent Persons

If TCL becomes aware that the collected personal data belongs to a minor, incompetent person, or quasi-incompetent person, for whom consent is required, TCL will not collect such data unless explicit consent is obtained from the legal guardian, custodian, or legal representative, as applicable and as prescribed by law.

If TCL later discovers that personal data belonging to a minor, incompetent person, or quasi-incompetent person was collected without valid consent, TCL will promptly delete or destroy such data, unless there are other lawful grounds for processing, using, or disclosing the data.

9. Purposes for Collecting Personal Data

TCL collects your personal data for the following purposes, depending on the products, services, or activities you engage with and the nature of your relationship with TCL. These purposes serve as a general framework, with only relevant objectives being applied to your data:

  1. To perform tasks necessary for public interest or legal authority assigned to TCL.
  2. To provide and manage services under agreements or TCL’s mission.
  3. To carry out TCL’s transactions.
  4. To monitor, manage, and improve services to ensure they align with your needs.
  5. To store and update information about you, including relevant documents.
  6. To record personal data processing activities as required by law.
  7. To analyze data and resolve service-related issues.
  8. To manage internal operations, such as recruitment, evaluation of candidates, and position fulfillment.
  9. To prevent, detect, and investigate fraud, security breaches, or illegal activities that may harm TCL or data owners.
  10. To verify and authenticate your identity when registering or accessing TCL services.
  11. To enhance and improve the quality of TCL products and services.
  12. To assess and manage risk.
  13. To send notifications, confirmations, communications, and updates.
  14. To prepare and deliver relevant documents or necessary information.
  15. To verify identity, prevent spam, or detect unauthorized or illegal activities.
  16. To analyze how data owners access and use TCL’s services, both collectively and individually, for research and analysis purposes.
  17. To comply with obligations to regulatory authorities, tax bodies, law enforcement, or legal requirements.
  18. To act as necessary for TCL’s legitimate interests or those of others involved in TCL’s operations.
  19. To prevent or stop harm to life, body, or health, including disease monitoring.
  20. To prepare historical documentation, research, or statistics for public benefit as assigned to TCL.
  21. To comply with applicable laws, announcements, orders, legal proceedings, or court orders, including exercising rights regarding your data.

10. Categories of Recipients for Disclosure of Personal Data

Under the purposes outlined in Section 9, TCL may disclose your personal data to the following categories of recipients. The recipients listed here serve as a general framework for disclosure, and only those related to the products or services you use will be applicable:

Type of Data Recipients Details
Government agencies or authorized authorities TCL may disclose data as required by law or for significant purposes, such as public benefit tasks. Examples include the Cabinet, state administrators, Department of Transport, Revenue Department, police departments, courts, the Digital Economy and Society Ministry, Office of the Auditor General, and educational funding bodies.
Relevant committees TCL may disclose personal data to individuals appointed as members of relevant committees.
Contractual partners managing employee welfare Individuals or entities TCL contracts to manage employee welfare, such as insurance companies, hospitals, payroll companies, banks, and other service providers.
Business partners TCL may share personal data with individuals or business partners to provide services. Examples include contractors, customer support providers, advertising platforms, and telecommunication providers.
Service providers TCL may disclose data to service providers who support TCL’s operations, such as data processors (e.g., document storage, software developers, application developers), cloud service providers, website administrators, internet service providers, IT support, digital ID providers, and online payment service providers.
Other data recipients TCL may disclose data to other individuals or entities, such as TCL members’ family representatives, affiliated organizations, hospitals, courts, insurance companies, auditors, external advisors, or legal representatives.
Disclosure for public interest TCL may disclose personal data when required to do so in the public interest. Examples include legal announcements or publications mandated by government authorities.

11. Transfer of Personal Data Abroad

In certain cases, TCL may need to transfer or transmit personal data to other countries to fulfill service purposes, such as transferring personal data to a cloud system with platforms or servers located abroad (e.g., Singapore or the United States) to support IT systems outside Thailand. This depends on the specific TCL service or activity you are engaged with.

At the time this policy was created, the Personal Data Protection Committee had not yet issued a list of destination countries with sufficient personal data protection standards. Therefore, TCL will ensure that any transferred data has appropriate safeguards in line with international standards or meets legal conditions, including:

  1. Compliance with laws that require TCL to transfer personal data abroad.
  2. Informing you and obtaining your consent if the destination country lacks sufficient data protection standards.
  3. Transfers necessary to perform a contract where you are a party or for pre-contractual steps upon your request.
  4. Transfers required for the performance of TCL’s contract with a third party for your benefit.
  5. Transfers to prevent or mitigate harm to life, body, or health when your consent cannot be obtained.
  6. Transfers necessary to carry out important public interest tasks.

12. Retention Period for Personal Data

TCL will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, as specified in this policy, related announcements, or applicable laws.

Once the retention period expires and the data is no longer necessary, TCL will delete, destroy, or anonymize your data using appropriate methods and standards as prescribed by the Personal Data Protection Committee or international standards.

In cases of disputes, legal claims, or litigation involving your personal data, TCL reserves the right to retain the data until the matter is resolved through a final decision or judgment.

13. Services Provided by Third Parties or Sub-processors

TCL may assign or contract third parties (data processors) to process personal data on TCL’s behalf. Such third parties may provide services such as hosting, outsourcing, cloud computing, or other related operations.

TCL will enter into agreements specifying the rights and duties of TCL (as the data controller) and the third-party data processors, including:

  • The type of personal data to be processed.
  • The purpose and scope of the processing.
  • Other relevant conditions.

The data processor must process personal data only as instructed by TCL and is prohibited from processing data for other purposes.

If a data processor subcontracts another party (sub-processor) to process personal data, TCL will require a formal agreement between the data processor and the sub-processor, ensuring the terms meet the same standards as the agreement between TCL and the data processor.

14. Security Measures for Personal Data

TCL implements measures to protect personal data by restricting access to authorized personnel or individuals who are required to use the data for specified purposes. These individuals must comply with TCL’s data protection measures and maintain confidentiality of the data.

TCL adopts both organizational and technical measures in line with international standards and legal requirements.

When transferring or disclosing personal data to third parties, TCL ensures appropriate security and confidentiality measures to maintain the safety of collected personal data.

15. Connections to Third-Party Websites or Services

TCL’s services may include links to third-party websites or services, which may have separate data protection policies. TCL recommends reviewing the privacy policies of such websites or services before use.

TCL does not have control over third-party data protection measures and cannot be held responsible for the content, policies, or damages arising from the use of third-party websites or services.

16. Data Protection Officer

TCL has appointed a Data Protection Officer (DPO) responsible for monitoring, supervising, and advising on the collection, use, and disclosure of personal data. The DPO also coordinates with the Personal Data Protection Committee to ensure compliance with the Personal Data Protection Act B.E. 2562 (2019).

17. Your Rights Under the Personal Data Protection Act B.E. 2562

The Personal Data Protection Act B.E. 2562 provides several rights to data subjects. These rights will take effect when the relevant legal provisions become enforceable:

  1. Right to Access: Request access, obtain copies, and receive details about the source of your personal data collected by TCL.
  2. Right to Rectification: Request corrections to inaccurate, incomplete, or outdated personal data.
  3. Right to Erasure: Request deletion or anonymization of your personal data under legal conditions.
  4. Right to Restrict Processing: Request suspension of data processing in specific cases, such as during data accuracy verification or unlawful processing.
  5. Right to Object: Object to data processing unless TCL can demonstrate lawful grounds overriding your objections.
  6. Right to Withdraw Consent: Withdraw consent previously provided for data collection, use, or disclosure at any time, except where legal or contractual obligations apply.
  7. Right to Data Portability: Request personal data in a structured, machine-readable format or transfer data to other controllers, as allowed by law.

18. Consequences of Non-Compliance with this Policy

Non-compliance with this policy may result in disciplinary action (for TCL employees) or penalties under data processing agreements (for data processors). Non-compliance may also lead to penalties under the Personal Data Protection Act B.E. 2562 and related laws or regulations.

19. Complaints to Regulatory Authorities

If you believe TCL has failed to comply with data protection laws, you may file a complaint with the Personal Data Protection Committee or relevant regulatory bodies. TCL encourages you to contact TCL first to address your concerns and resolve any issues promptly.

20. Policy Updates

TCL may update this policy as necessary. Notifications of updates will be communicated via Email: pdpa@transport.co.th with an effective date included.

You are encouraged to regularly review the policy through TCL applications or other channels. Continued use of TCL’s services after policy updates constitutes your acknowledgment of the revised terms.

21. Inquiries and Exercising Rights

If you have questions, suggestions, or concerns about TCL’s data collection, use, and disclosure, or if you wish to exercise your legal rights, please contact:

  • Data Protection Officer (DPO)
  • Organization: Transport Co., Ltd. (TCL)
  • Contact Address: 999, 4th Floor, Bangkok Bus Terminal (Chatuchak), Kamphaeng Phet 2 Road, Chatuchak, Bangkok 10900
  • Contact Channels: Email: pdpa@transport.co.th, Line ID: @tcl99
View Fullscreen
Post Views: 51
Copyright © 2024 Transport Co., Ltd.
© 2024 Transport Co., Ltd.
Facebook-square X-twitter-square Ri-instagram-fill Youtube Line Huge-tiktok
USEFUL LINKS

Site map

Satisfaction Survey

Press release

Book your seat and ticket

Get Help

Service standards

Guide for the People

FAQ EN

Contact

  • 02-9362852-66
  • borkorsor@transport.co.th
  • 999 Kamphaeng Phet 2 Road, Chatuchak Subdistrict, Chatuchak District, Bangkok 10900
Total Visitors : 10443
Edit Template

บริษัท ขนส่ง จำกัด © 2024