PDPA Policy

Prowise Tech Co., Ltd. (“the Company”, “we”, “our”, or “us”) recognizes the importance of protecting your personal data. As both a data controller and processor under the Personal Data Protection Act B.E. 2562 (PDPA), we are committed to processing your personal data responsibly and in accordance with applicable legal requirements.
This Privacy Policy outlines how we collect, use, and disclose (or otherwise process) your personal data, as well as your rights as a data subject.

 

1. Definitions

• Personal Data: Any information relating to an individual that enables the identification of such person, either directly or indirectly, but excluding data relating to a deceased person.
  
  
• Data Subject: An individual whose personal data is collected, used, or disclosed.
  
  
• Data Controller: A person or legal entity with the authority to determine the purposes and means of processing personal data.
  
  
• Data Processor: A person or legal entity that processes personal data on behalf of the data controller.
  
  

2. Principles of Personal Data Processing

We strictly adhere to the following key principles when processing personal data:

• Lawfulness: All processing is conducted based on a lawful basis.
  
  
• Fairness and Transparency: Processing is done fairly and transparently, with clear communication to data subjects.
  
  
• Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes only.
  
  
• Accuracy: Personal data is kept accurate, complete, and up to date.
  
  
• Storage Limitation: Data is retained only for as long as necessary to fulfill its intended purpose.
  
  
• Security: Appropriate security measures are in place to protect against unauthorized access, alteration, or disclosure.
  
  

3. Collection of Personal Data

We collect personal data either directly from you or from legally permitted sources. The types of data we may collect include:

• Identification Information: Name, surname, date of birth, gender, nationality, ID card or passport (if required by law or service).
  
  
• Contact Details: Address, phone number, email, LINE ID, Facebook ID, or other social media accounts.
  
  
• Technical Information: IP address, cookies, browser type, operating system, and device configuration.
  
  
• Service Usage Data: Details of your interactions with our services, including communication logs.
  
  
• Sensitive Personal Data: Only where strictly necessary and with explicit consent (e.g., health data, religious beliefs, ethnicity, etc.).
  
  

4. Purposes of Data Processing

Your personal data will be processed under an appropriate legal basis, such as consent, contract performance, legal obligations, vital interests, or legitimate interests, for the following purposes:

• Service Delivery: To develop, provide, and maintain software and technology solutions under contractual agreements.
  
  
• Communication: To contact, support, or respond to your inquiries.
  
  
• Service Improvement: To analyze and improve our products, services, and platform.
  
  
• Marketing & Promotions: To send you relevant offers or updates (only with consent or a legal basis).
  
  
• Internal Operations: For human resource management, accounting, audits, and business operations.
  
  
• Legal Compliance: To comply with applicable laws such as tax regulations, anti-money laundering laws, and PDPA obligations.
  
  
• Protection of Rights: To protect the rights and assets of the Company and other data subjects.
  
  

5. Disclosure of Personal Data

We may disclose your personal data to third parties in accordance with legal bases and only when necessary, including:

• Third-Party Service Providers: Such as cloud services, hosting providers, analytics platforms, marketing agencies, or consultants.
  
  
• Business Partners: In cases where collaboration is needed to deliver our services.
  
  
• Regulatory Authorities: Government agencies or regulatory bodies as required by law.
  
  
• Business Transfers: In case of mergers, acquisitions, or organizational restructuring.
  
  

In all cases, we ensure that appropriate safeguards, such as data processing agreements, are in place to protect your personal data.

6. Cross-Border Transfers of Personal Data

In certain circumstances, your personal data may be transferred to countries outside of Thailand. We will ensure that such destinations have adequate data protection standards or implement suitable safeguards (e.g., standard contractual clauses), or obtain your explicit consent where necessary.

7. Data Retention

We retain your personal data securely for as long as necessary to fulfill the purposes described in this Policy, comply with legal requirements, or exercise legal claims. Retention periods are based on the nature of the data and legal obligations.

8. Your Rights as a Data Subject

Under the PDPA, you are entitled to the following rights:

• Right to Access: Request access to or a copy of your personal data.
  
  
• Right to Rectification: Request corrections to your personal data.
  
  
• Right to Erasure: Request deletion or anonymization of your data when no longer legally required.
  
  
• Right to Restriction: Request to temporarily suspend processing of your data.
  
  
• Right to Object: Object to data processing in specific circumstances, such as direct marketing.
  
  
• Right to Withdraw Consent: Revoke your consent at any time (unless legally restricted).
  
  
• Right to Data Portability: Request your data in a structured, machine-readable format.
  
  
• Right to Lodge a Complaint: File a complaint with the Personal Data Protection Committee if you believe your rights have been violated.
  
  

To exercise these rights, please contact us using the details provided in Section 11.

9. Security Measures

We implement appropriate security measures in accordance with PDPA, including encryption, access controls, secure storage systems, system audits, and employee training, to prevent unauthorized access, use, alteration, disclosure, or destruction of personal data.

10. Policy Updates

We may update this Privacy Policy from time to time. Any changes will become effective upon being published on our website. We recommend reviewing this Policy periodically to stay informed of the latest updates.

11. Contact Information

For questions, concerns, or to exercise your data rights, please contact our Data Protection Officer (DPO):

Prowise Tech Co., Ltd.
Address: 100/436 Suwinthawong 38, Lam Phak Chi, Nong Chok, Bangkok 10530
Email: [email protected]
Phone: 02-096-2858

This Privacy Policy is effective as of 30 June 2025.