Privacy Policy

1. Who are we?

True Internet Data Center Co., Ltd. (True IDC) (the “True IDC” or “Company”) is aware of the importance of data privacy protection. The company respects the privacy and confidentiality of Data Subject. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the Personal Data you provide to us, in compliance with the Thailand Personal Data Protection Act B.E. 2562 (2019) (PDPA). We have developed this Privacy Policy to assist you in understanding how we collect, use, disclose, process and retain your Personal Data as well as your rights as a data subject. In the event that you have a privacy concern or question related to this Privacy Policy, please feel free to contact us at:

Contact location: True Internet Data Center Co., Ltd.
True IDC - North Muangthong (Muangthongthani Data Center) 8th Floor, 47/553-560 New Geneva, Pak Kred, Nonthaburi 11120 Thailand
Contact Channel: Email: [email protected] and Call Center 0 2494 8300

When we receive your questions or concerns, our representative will contact you to respond within a reasonable time.

2. What is personal data?

“Personal Data” means any information relating to an identified or identifiable natural person, directly or indirectly, but not including the information of deceased persons in particular.
“Sensitive Personal Data” means Personal Data relating to religion, criminal records, health-related information (blood type, health records, etc.) and biometric data (finger prints, facial recognition, etc.).

3. What personal data we will collect

We collect Personal Data relating to our present service, administration or transactions, as follows:

Category Examples of Personal Data
Identification Personal Details Name-surname, age, date of birth, height, nationality, photo, ID number, passport number, ID code, education record, work experience, gender, autograph and license plate number
Contact Details Address, office address, mobile / telephone number, email address and other social media accounts
Service Data Data about the device that you used to enter into the website, log files, data about the communication between you and other users and data from job logs such as device identification, IP addresses of computers, device identification code, type of device, mobile network information, connection data, geographic location information, browser information, website log data, referring websites, website usage history, login log, customer behavior, website access statistics, access time, search data and usage of various functions on the website as well as data that the Company has stored as cookies or other similar technology, area access data, photos and videos from CCTV
Employment Details Licenses, certificates, information relating to welfare and benefits, operation information, disciplinary information, related persons’ information (family, work guarantor, reference person, emergency contact person), social security information, bank account number
Sensitive PII Religion, criminal records, health-related information (blood type, health records), biometric data (finger prints, facial recognition)
Other Marital status, interest, comments, photos or videos from CCTV, travel information, request to use rights under the PDPA

4. The sources of personal data

4.1 The Company receives Personal Data directly from you by various service processes including:

  • When you sign up for or receive one of our services, including the processes of filing requests to exercise your rights;
  • When you voluntarily respond to our surveys, emails and any other means between you and the Company;
  • When you use our service;
  • When you visit the Company's website through your browser’s cookies;
  • When you visit and interact with the Company’s website and social media platforms;
  • When you participate in marketing events, visit our booths and attend any events, whether they are workshops or exhibitions, or participate in questionnaires, competitions or lucky draws;
  • Once you have entered into one of our areas/buildings; and
  • When you apply for a position/internship with True IDC.

4.2 We may receive Personal Data about you from third parties who are lawfully allowed to disclose your information and subcontractors that assist the Company to process the application and provide services by email, phone or documents in which the person disclosing such information has the right to provide personal information lawfully or to be informed through various service processes in the Company that collect the information itself as described above.

5. Purpose and lawful basis to process personal data

Lawful Bases Activity/Purpose to Process Personal Data
Legal Obligation
  1. Comply with any applicable laws and regulations of regulatory authorities which regulate the Company (if any); and
  2. Manage contagious diseases and epidemics, such as COVID-19, under related applicable laws or regulations.
Performance of Contract
  1. Provide our service according to the contract to which you are our contracting party and take steps as your request before entering into a contract;
  2. Facilitate payment notices and payment services;
  3. Identification and/or verification in registering for our services;
  4. Facilitate service payments related to service usage;
  5. Provide after-sales services, respond to your questions/concerns and facilitate any enquiries, suggestions, requests or complaints in respect of our services, compensation and resolving issues;
  6. Consider for your job applications/internships, interviews and other processes related to your job applications/internships; and
  7. Work under an employment contract.
Legitimate Interest
  1. Respond to your questions/concerns and provide information to persons who are interested in our services;
  2. Improve and develop our services;
  3. Protect and keep our services and networks secure as well as monitor customer activities and protect your personal safety and rights and the safety of others and the Company;
  4. Protect and maintain our place of business and True retail shops and service stores to be secure by using, for example, closed circuit security cameras for safety and crime prevention; and
  5. Contact in emergency or necessary cases.
Consent
  1. Inform and offer privileges, information, promotions and offers relating to the application, buying or selling of products or services of the Company and/or its business partners; and
  2. Create, improve, manage and analyze our marketing plan and activities including products and services and/or business partners of the Company, upload photos of activities which contain you or your comments on our website or other social media platforms for the purpose of activities relating to promotion and supporting our image.

6. How we process your personal data

After receiving Personal Data from various data sources, the Company will collect, use and/or disclose your Personal Data for the purposes specified in the previous section and will process your Personal Data only to the extent permitted by law (i.e., it has a lawful basis for processing the data).

The Company may disclose Personal Data and any information about your use of the service or any other information that the Company collected as described in section 3 above to business partners of the Company, government agencies, customer support service providers, marketing and advertising management service providers and business consultants including any juristic persons or any other persons which the Company and/or you are a party to or has legal relations.

In addition, the Company may be required to send your Personal Data to regulatory authorities for investigation and may use the results of such data audits to prevent fraud. The Company may disclose your information to individuals or juristic persons outside of the companies in True Group, where the Company may sell or transfer some of its business or assets, or vice versa. There may be a plan to acquire or merge with external persons or entities. In the event that there is a change in the Company's business where parts are sold, acquired or merged with other companies, as the case may be, your information may be used in the same way as described in this Privacy Policy.

In the event that the Company employs other persons to act as a Personal Data processor, the Company will investigate Personal Data protection measures and arrange to sign an agreement to control and protect Personal Data appropriately and in accordance with the rules prescribed by law.

In certain circumstances, we may need to transfer your Personal Data to another person, foreign branch offices or international organizations in countries that may not have appropriate safeguards. In such case, the Company will ensure that transferring such information is lawful as specified by the Personal Data Protection Committee.

We conduct internal and external inspections for customer data protection on a regular basis.

7. How we keep your personal data and for how long

The Company has information security measures to keep and track the retention period of your Personal Data, as follows:

  • We keep your Personal Data either on printed paper (hard copy) or in an electronic document system (soft copy) with appropriately secured measures to prevent the loss, unauthorized access, change and disclosure of your Personal Data.
  • We have in place procedures to deal with any suspected breaches of Personal Data. In case of substantiated complaints regarding breaches of customer privacy and losses of Data Subject, our security team will immediately investigate to resolve the issue.
  • We will not keep your Personal Data for longer than we deem necessary for the purposes of our collection and processing. We will keep your Personal Data for a duration within the effective period of the contract, within the period of the exercise or in defense of legal claims. We will generally retain your Personal Data for ten (10) years from the end of the last transaction with the Company.
  • When your Personal Data, which we collect, use and process, is no longer required for the purposes or allowed to be kept under applicable laws, we will erase, destroy, aggregate and/or anonymize your Personal Data to an extent that it no longer identifies you within a reasonable time.

8. Your rights as a data subject

When the relevant provisions of the PDPA are enforced, you, as the data subject, will have rights in relation to Personal Data, as follows:

8.1 Right to withdraw consent

  • When you give us your consent for specific purposes, you have the right to withdraw your consent for your specific purposes at any time, unless there are restrictions on legal rights or in connection with the contract that benefits you.
  • You have the right to withdraw your consent about processing your Personal Data at any time that your Personal Data is with the Company.
  • In the event that you exercise the right to withdraw your consent and this prevents the Company from delivering products or providing certain services to you, the Company will inform you about the effect of withdrawing your consent.

8.2 Right to access

  • You have the right to request access to and obtain a copy of your Personal Data and obtain your Personal Data which is being processed by us.

8.3 Right to data portability

  • You are entitled to request us to send or transfer your Personal Data to other data controllers or directly receive your Personal Data for some reasons. However, the right to data portability applies only to the Personal Data that you submit to the Company. The collection, use and/or disclosure of such Personal Data must be made with your consent or where such Personal Data is necessary to be collected, used and/or disclosed in order to fulfill the Company’s obligations under a contract.

8.4 Right to object

  • You have the right to object to the processing of your Personal Data for some reasons.

8.5 Right to erasure

  • You have the right, in certain circumstances, to request the erasure of your Personal Data.

8.6 Right to restriction of processing

  • You are entitled to have the right, in certain circumstances, to restrict the processing of your Personal Data.

8.7 Right to rectification

  • You have the right to ask for any inaccurate Personal Data held or processed by us to be corrected, and any incomplete data to be completed. We will investigate and correct any inaccurate or incomplete Personal Data.
  • Where a request to rectify inaccurate Personal Data is received, we may, in certain circumstances, request you to provide proof of your identity or to provide additional documents and/or required information.

8.8 Right to make a complaint

  • You have the right to make a complaint to the Personally Identifiable Information Protection Committee or their office in the event that the Company does not comply with the PDPA.

You may contact the staff of the Company to file a request to proceed with the above rights, as detailed in section 1, or contact designated channels specified by the Company. You do not have to pay a fee to use your rights, however, a fee may be charged accordingly if your request is deemed as unfounded, repetitive or excessive.

The Company has the right to refuse a dishonest exercise of a right, unreasonable requests, requests that are not provided by law and/or requests that cannot be fulfilled. In addition, the Company has a right to reject your request in accordance with rules stipulated by the law.

You may file a complaint and report problems about personal data, including but is not limited to, the request for the Data Controller to correct or update the personal data and/or object to data storage or to terminate data usage at: email [email protected]

9. Your refusal to give us your personal data

The Company is legally obligated to collect Personal Data or make a contract between you and the Company. In the event that you choose not to provide Personal Data, the Company may not be able to provide services to you..

In addition to cases where the Company processes Personal Data to perform the contract and complies with the law, where you do not give consent to process your Personal Data, you may still be able to use the Company’s services. However, there may be less convenience in your use of the Company’s services because the Company has not obtained your consent to process your Personal Data to provide such services effectively.

10. Cookies Policy

This website uses cookies and other comparable technologies to distinguish the way in which a user uses the website in order to give each user a good experience from using the Company’s services and to improve the quality of the Company’s services to better meet each user’s needs. You can find more details in our Cookies Policy here: https://www.trueidc.com/th/cookies-policy

11. Collection and use of personal data for the original purpose

The Company will process the Personal Data under the currently applicable law and the Company is entitled to continue to collect and use the Personal Data which has been collected before the effective date of the provisions relating to the collection, use and/or disclosure of Personal Data under the PDPA for the current purposes. In the event that you no longer want the Company to collect and use such Personal Data after the PDPA is fully enforced, you may withdraw your consent through the channels which will be further publicized by the Company.

12. Privacy policy of other websites

This Privacy Policy only applies to our products, services and our websites. However, it may contain links to third-party websites and services. We have no control over how third-party websites and services process your Personal Data, and we are not responsible for such third-party websites and services or their privacy practices.

13. Changes to our Privacy Policy

The Company will update and alter this Privacy Policy from time to time to be compatible with the changing laws, regulations or operational requirements. The Company reserves the right to change this Privacy Policy on the website or any channels without prior notice.

This Privacy Policy was issued on 18 March 2022 (Version 2.0)