At present, the information technology system is widely applied to electronic transactions that may require the collection, storage, use, or dissemination of user information in the form of electronic information. Therefore, to prevent breach of personal data which is a fundamental privacy right of the user to be protected. This will ensure that users’ confidence in electronic transactions. Road Accident Victims Protection Company Limited has adopted this Privacy Policy and Personal Information Protection comprised of eight principles as following.
1.1 The Company may obtain user personal information as necessary for electronic transaction services according to the authority, purpose, or as required by law. The Company shall keep the information confidential unless
1.1.1 The user requests and agrees to disclose personal information.
1.1.2 Required by law.
1.1.3 Is for the benefit of the user and consent cannot be made at that time.
1.1.4 Is for the benefit of the life, health or safety of users and other users.
1.1.5 Is for the benefit of the inquiry of the inquiry officer or judicial review or by court order.
1.1.6 Is for research or statistical purposes.
1.2 The company will inform its users and ask for consent before obtaining personal information such as full name, e-mail address, telephone number, ID number, nationality, religion, etc., as well as any business activity or transactions.
The company may use "cookie" system in the website to be able to provide services efficiently, the cookie function will end when the user leaves the company website.
The company can continue to improve the website and collect statistical information from cookies, such as number of visitors to the website and Information on behavior of users in searching for information in the website, time spent on the website, viewing of web pages and others to develop and improve the services of the company to meet the needs of users.
Personal information are obtained and stored in accordance with the authority and objectives of the business of the company and in compliance with the law. The collection, storage, use or dissemination of information that relates to identity of individuals whether directly or indirectly is accurate and current.
3.1 The company may obtain, store and use personal information for
the benefit of its users and the implementation of the company's operational objectives.
3.2 The company will not take any action other than stated in the purpose of data collection, unless
3.2.1 Change of purpose to obtain personal information.
The company shall notify the users via e-mail or post on the company's website. (http://www.rvp.co.th)
3.2.2 Required by law.
4.1 The company shall not disclose personal information that has been obtained to
any other person unless with consent of the owner of information and only for the purposes
of the company.
4.2 The company shall enforce its employees not to disclose, display or any form of
disclosure of user's personal information other than objectives of the company, unless
4.2.1 The user requests and agrees to disclose personal information.
4.2.2 Required by law.
4.2.3 Is for the benefit of the user and consent cannot be made at that time.
4.2.4 Is for the benefit of the life, health or safety of users and other users.
4.2.5 Is for the benefit of the inquiry of the inquiry officer or judicial review or by court order.
4.2.6 Is for research or statistical purposes.
4.3 The company may enter into an agreement with a contracting party, business partner or its agent, service provider, contractor to develop, improve products or services, systems or devices to optimize the operation or conduct of business of the company or for statistical analysis of the company’s activities or website. The Company will require that such third party entities and persons obtain user’s personal information restrictedly as necessary. And preserve the confidentiality and security of the user's personal information and prohibit the use of such personal information outside of the company's business or the activities of the website.
The company has appropriate measures to protect personal information security and create a sense of responsibility for maintaining security, privacy of personal information among company employees to strictly comply and prevent data loss, access, destruction, use, modification, or disclosure of personal information without permission.
The company shall disclose privacy policies and practices and if there is amendment, the company shall notify the user by e-mail or post on the company's website (http://www.rvp.co.th). Users can access such policy on the nature of the personal information and the purpose of collection on such channel.
7.1 The company will disclose, amend, remove or take any action with data relating to personal
information upon receipt of a request from the data owner, heir at law, authorized person or legal guardian.
The company may refuse to act on request that deemed harassment or risk for other’s privacy or a legal
requirement or cannot be done by any case.
7.2 Users have the right to check the availability, specification of personal information,
purpose of the data and location of the company’s office as well as the following rights.
7.2.1 Request a copy or request a certified copy of their personal information of oneself.
7.2.2 Request to correct or change personal information of oneself.
7.2.3 Suspend the use or disclosure of personal information of oneself.
7.2.4. Ask to remove or destroy personal information of oneself.
7.2.5 Request disclosure of how the personal information of oneself has been obtained, in the case of user has not consented to collection or storage.
However, the company may deny the user’s rights if the law requires or if the user's personal information becomes unidentified or un-identifiable.
The company has set privacy policy and personal information protection by requiring the controller to comply with the criterion to ensure compliance with the company's Privacy Policy and Personal Information Protection.