Privacy Policy - Athentic Consulting

Athentic Consulting Privacy Policy

Latest updated : 11 January 2022

Abstract

Athentic Consulting processes personal data of Website Visitors with the reasonable measures to act in compliance with the Thailand’s Personal Data Protection Act B.E. 2562 (“PDPA”). You can see our full detailed Privacy Policy through the attached QR code, however

the summary of our Privacy policy is shown below.

Topic	Overview
What data do we process?	We process collected personal data including but not limited to Identity Data, Address / Contact and IT Data.
How do we use those data?	We process personal data according to the purpose and scope of Athentic Consulting Company Limited, and with the legal bases as explained in our Privacy Policy.
Who do we transfer information to?	In some circumstances, we may be required to transfer personal data to Third-Party Organisations, which are stated in our vendors/partners.
What are your rights as a data subject?	As a data subject, you are entitled to the data subject rights which include but not limited to right to access, right to rectification and right to erasure.
Revision of the policy	Any revision made will be notified to all related parties regarding the changes in The Privacy Policy.

Athentic Consulting Website Visitors’ Privacy Policy 1.0

(Full Version)

Purpose and scope
What personal data do we process?
How do we collect your personal data?
How does Athentic Consulting use your Personal Data?
Usage of Personal Data with External Third-party Organization
Transferring Personal Data to Foreign Countries
Security Measures for Personal Data Protection
Time Period of Personal Data Storage
Website Visitors’ Personal Data Rights
Policy Revision

Purpose and scope

This Privacy Policy applies to all Athentic Consulting Website Visitors. Athentic Consulting Company Limited mainly acts as the data controller under PDPA. Therefore, Athentic Consulting is committed to collect and process Website Visitors’ personal data in accordance with the purpose and scope of Athentic Consulting Company Limited specified herein this Privacy Policy.

Data Controller Contact Information

Athentic Consulting Company Limited
No.1504 15th floor Chamchuri Square Building, 319
Phaya Thai Rd, Khwaeng Pathum Wan,
Khet Pathum Wan, Bangkok 10330

Tel.: 085-488-9377
E-mail: [email protected]

Data Protection Officer (DPO) Contact Information

Mr. Pornthep Luthaicharoenlap
E-mail: [email protected]

This Privacy Policy covers data subjects who are Athentic Consulting Website Visitors, including Website Visitors, Potential Customers and Customers.

As used in this Privacy Policy, the following terms shall have the meanings set forth below:

‘Processing’ means anything done with Athentic Consulting Website Visitors’ personal data, including collection, storage, use, disclosure and deletion.

‘Legal Bases’ means justifiable reasons to process personal data in accordance with Article 24 and Article 26 of PDPA.

This policy may be revised at any given time as notified to Website Visitors through appropriate channels.

What personal data do we process?

Athentic Consulting stores the following Website Visitors personal data :

Identity Data including but not limited to Name and Surname
Address/Contact including but not limited to Company, Phone number and Email
IT Data including but not limited to the Cookie ID

How do we collect your personal data?

In general, Athentic Consulting will directly collect Website Visitors’ personal data through these processes or channels including but not limed to:

Fill in the form on the website.
Collecting cookie ID from the user’s website

Currently, Athentic Consulting does not collect any data through Third-party Organisations.

How does Athentic Consulting use your Personal Data?

Group of Activities	Group of PIIs	Legal Bases	Retention Period
Visitor History	IT Data	Legitimate Interest Consent	2 months
Register Form	Identity Data Address / Contact	Legitimate Interest	After resolved the problem/complaint or 1 year
Email Newsletter	Address / Contact	Consent	When website visitor unsubscribe

Athentic Consulting uses Website Visitors’ personal data to carry out tasks per Athentic Consulting’s scope and purpose of providing groups of activities, including but not limited to:

Athentic Consulting will process Website Visitors’ personal data according to the stated purposes and scope. If there came upon a case where personal data were to be processed for other purposes unclarified above, Athentic Consulting would ask for new consent to process Users’personal data on such uses.

Usage of Personal Data with External Third-party Organization

Athentic Consulting may be required to pass on personal data to external third-party organisations and process personal data in accordance with the contract or the legal obligation of Athentic Consulting. These organisations may include:

– F22 (Website Admin)

For the case where personal data is being passed on the external third-party organizations, Athentic Consulting will ensure that the minimum amount of personal data is being sent and consider anonymization and psuedonnymisation techniques for greater security. Nevertheless, external third-party organizations who will process Website Visitors’s personal data for Athentic Consulting will be required to have an appropriate privacy policy. Athentic Consulting does not permit these external third-party organization to use the Website Visitors’s personal data in a way that diverge from the agreed scope and purpose.

Transferring Personal Data to Foreign Countries

Athentic Consulting does not pass on personal data to foreign countries.

Security Measures for Personal Data Protection

Athentic Consulting has implemented security measures to ensure the security of Website Visitors’ personal data. External third party organizations must carry out the processing of personal data in accordance with Athentic Consulting’s policy and agrees to ensure the security of Website Visitors’ personal data.

Time Period of Personal Data Storage

Athentic Consulting will store Website Visitors’ personal data throughout for the appropriate period according to Athentic Consulting’s scope and purpose including other important matters such as legal requirements, financing and auditing purposes. (More details according to the table in 4. How does Athentic Consulting use your Personal Data?)

Website Visitors’ Personal Data Rights

Your personal data rights include:

Right of Access – you have the right to request a copy of all your personal data and assess if the company is processing your personal data in accordance with the law or not

Right to Data Portability – for the case where a company has an automated platform allowing you to access your personal data automatically:
- You have the right to ask for your personal data to be transferred automatically to other organizations
- You have the right to ask for your personal data to be directly transferred to other organization, with the exceptions of cases where there is a technological limitation

Right to Object – you have the right to object to any data process activity of your personal data for the legal bases, including:
- Public Task or Legitimate Interest
- Direct Marketing Purposes

Right to Erasure – you have the right to request data deletion or anonymization, in accordance to the following cases:
- Expiration of data processing required terms
- Consent has been withheld
- Objections raised on the data processing activity
- The processing activity is not in accordance with the law

Right to restrict processing – you have the rights to restrict any data processing activities, in accordance with the following cases:
- During the process of personal data assessment as requested
- For cases related to personal data which has initially asked for deletion and erasure but was followed by an additional request of processing restriction instead
- For cases when the data processing terms have passed, but you have requested for processing restriction due to legal reasons
- During the process of personal data processing objection verification

Right to Rectification – You have the right to edit your personal data to be correct and concurrent to the present. If any mistake was detected, the company might not edit this themselves.

In the cases where Athentic Consulting may not be able to carry out and exercise your rights, including, but not limited to, the cases where a legal process is taking place, you will continue to have the rights to retract your consent by emailing to all related parties. Athentic Consulting will be required to terminate all processes as soon as possible. However, the retraction only is carried out to all data processing after the retraction. Any data process activity carried out before the retraction will not be reversed.

Please be informed that Athentic Consulting does record all requests to ensure all issues are resolved. For any queries regarding your personal data protection and rights, more details are available in TDPG3.0 at: https://www.law.chula.ac.th/event/9705/

In the case where you have the intention to exercise your personal data protection rights, please contact ([email protected]). Athentic Consulting will process this request in a secure and timely manner. Also, in case that Athentic Consulting fails to preserve your rights under PDPA, you can file complaint to Office of the Personal Data Protection Commission (‘PDPC’)

Policy Revision

This Privacy Policy applies to all Athentic Consulting Website Visitors and was last updated on 11 January 2022. Athentic Consulting holds the rights to review and edit the policy as the company sees fit. Any revision made will be notified to all related parties regarding the changes in data processing activity procedures.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by 'GDPR Cookie Consent', this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	1 year	Set by 'GDPR Cookie Consent', this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional	1 year	The cookie is set by 'GDPR Cookie Consent' to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by 'GDPR Cookie Consent', this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others	1 year	Set by 'GDPR Cookie Consent', this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by 'GDPR Cookie Consent', this cookie is used to store the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_RW533PYDK2	2 years	This cookie is installed by Google Analytics.
_gat_gtag_UA_216690146_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
EAxsTQUrFjPy	1 day	No description
MHYWnAL	1 day	No description