Privacy Policy

1. About True Internet Data Center Co., Ltd.

True Internet Data Center Co., Ltd. (True IDC) ( “True IDC” or “Company”) recognizes the importance of protecting personal data and privacy. The company respects the privacy and confidentiality of data subjects. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data you provide to us, in compliance with the Personal Data Protection Act B.E. 2562 (2019) of Thailand (PDPA). We have developed this Privacy Policy to assist you in understanding how we collect, use, disclose, process and retain your Personal Data as well as your rights as a data subject. In the event that you have a privacy concern or question related to this Privacy Policy, please feel free to contact us at:

Contact address : True Internet Data Center Co., Ltd.
18 True Tower, 14th Floor, Ratchadapisek Road, Huai Khwang, Bangkok 10310, Thailand
Contact Channel: Email [email protected] and Call Center 0 2494 8300

When we receive your questions or concerns, our representative will contact you within a reasonable timeframe to provide a response.

2. What is personal data?

“Personal Data” means any information relating to a natural person who can be identified, directly or indirectly, but excludes information of deceased persons. “Sensitive Personal Data” means Personal Data relating to matters such as religion, criminal records, health information (e.g., blood type, medical history), and biometric data (e.g., fingerprints, facial recognition).

3. What personal data we will collect

We collect Personal Data in connection with the provision of services, administrative activities, and related transactions, as outlined below:

Category Examples of Personal Data
Identification Personal Details Full name, age, date of birth, gender, height, nationality, photograph, national identification number, passport number, identification code, education background, employment history, signature, and vehicle registration number
Contact Details Residential address, office address, telephone number, mobile number, email address, and social media contact information
Service Data Device information used to access the website, log data, communication records with other users, job log data (e.g., device ID, IP address, device code, device type), mobile network and connection data, geolocation, browser type, website access logs, referring sites, browsing history, login logs, user behavior data, website visit statistics, access timestamps, search queries, and feature usage; including data collected via cookies or similar technologies, area access logs, and images or video recordings from CCTV systems
Employment Details Licenses, certifications, welfare and benefit information, work performance data, disciplinary records, information of related individuals (e.g., family members, guarantors, referees, emergency contacts), social security data, and bank account information
Sensitive PII Religion, criminal records, health-related information (blood type, health records), biometric data (finger prints, facial recognition)
Other Marital status, interests, feedback or comments, CCTV photos or recordings, travel-related information, and requests to exercise rights under the PDPA

4. The sources of personal data

4.1 The Company may collect Personal Data directly from you by various service processes including:

  • When you sign up for or receive one of our services, or submit a request to exercise your data subject rights;
  • When you voluntarily respond to our surveys, emails or any other means between you and the Company;
  • When you use our service;
  • When you visit the Company's website through your browser’s cookies;
  • When you visit and interact with the Company’s website and social media platforms;
  • When you participate in marketing events, visit our booths and attend any events, whether they are workshops or exhibitions, or participate in questionnaires, competitions or lucky draws;
  • Once you have entered into one of our areas/buildings; and
  • When you apply for a position/internship with True IDC.

4.2 The Company may also collect your Personal Data from third-party sources or organizations where you have given lawful consent for such disclosure. Such data may be used solely for the purposes of providing news, product or service updates, or activity announcements through communication channels including, but not limited to, email or telephone. We will process such data in compliance with applicable data protection laws and in accordance with this Privacy Policy.

5. Purpose and lawful basis to process personal data

Lawful Bases Activity/Purpose to Process Personal Data
Legal Obligation
  1. To comply with applicable laws, regulations, and requirements imposed by government agencies or regulatory authorities having jurisdiction over the Company (if any);
Performance of Contract
  1. To perform our obligations under a contract to which you are a party, or to take necessary steps at your request prior to entering into such contract;
  2. To facilitate payment notifications and payment processing;
  3. To identify and/or verify your identity in the course of registering for our services;
  4. To process payments related to the use of our services;
  5. To provide after-sales support, respond to inquiries, resolve issues, manage complaints, offer compensation, and handle other service-related requests;
  6. To consider your job or internship application or service provision, conduct interviews, and carry out related recruitment procedures; and
  7. To perform duties and obligations under an employment or service agreement with you.
Legitimate Interest
  1. To respond to inquiries and provide information to individuals who are interested in the Company’s services;
  2. To improve and enhance the efficiency and quality of the Company’s services;
  3. To ensure the security of the Company’s information systems and service networks, including monitoring systems and user activity to detect any activities that may pose a risk to you, third parties, or the Company.
  4. To ensure the physical security of the Company’s facilities and premises, including by installing and operating CCTV systems for safety and crime prevention purposes; and
  5. To perform contractual obligations where the Company has entered into a contract with a legal entity that you represent (if you are acting on behalf of such entity).
Consent
  1. To inform and offer benefits, updates, promotions, and commercial offers related to the application, purchase, or use of products or services of the Company and/or its business partners; and
  2. To create, improve, manage, and analyze marketing strategies, campaigns, and promotions for the Company’s and/or its business partners’ products and services; and to upload activity photos or user-generated content (including your image or comments) on the Company’s website or social media platforms for promotional and corporate image-building purposes.
Protect vital interest
  1. To contact the data subject or relevant emergency personnel in the event of a health emergency or accident occurring while the data subject is working with or receiving services from True IDC

6. How we process your personal data

After receiving Personal Data from various data sources, the Company will collect, use and/or disclose your Personal Data for the purposes specified in the previous section and will process your Personal Data only to the extent permitted by law based on a valid legal basis under applicable laws.

The Company may disclose Personal Data and related service usage information as described in Clause 3 above to business partners of the Company, government agencies, customer support service providers, marketing and advertising management service providers, business consultants and any juristic persons or any other persons which the Company and/or you are a party to or has legal relations any entities or individuals with whom the Company and/or you have entered into contractual or legal relationships.

In addition, the Company may be required to send your Personal Data to regulatory authorities for investigation and may use the results of such data audits for fraud prevention purposes. The Company may disclose your information to individuals or juristic persons outside of the companies in True Group, where the Company sells, transfers, acquires, or merges parts of its business or assets, or vice versa. There may be a plan to acquire or merge with external persons or entities. In the event that there is a change in the Company's business where parts are sold, acquired or merged with other companies, as the case may be, your information may be used in the same way as described in this Privacy Policy.

In the event that the Company employs other persons to act as a Personal Data processor, the Company will investigate Personal Data protection measures and arrange to sign an agreement to control and protect Personal Data appropriately and in accordance with the rules prescribed by law.

In certain circumstances, we may need to transfer your Personal Data to another person, foreign branch offices or international organizations in countries that may not provide an adequate level of Personal Data protection (Appropriate Safeguards) as determined by the Personal Data Protection Committee. In such case, the Company will ensure that the transfer is lawful and complies with the legal requirements.

The Company conducts internal and external audits on a regular basis to safeguard Personal Data.

7. How we keep your personal data and for how long

The Company has information security measures in place to safeguard and determine the retention period of your Personal Data, as follows:

  • We keep your Personal Data either on printed paper (hard copy) or in an electronic document system (soft copy) with appropriately secured measures to prevent loss, unauthorized access, change and disclosure of your Personal Data.
  • We have in place procedures to deal with any suspected breaches of Personal Data. In case of a complaint regarding a breach of data privacy or Personal Data leakage, our security team will immediately investigate and take appropriate corrective action.
  • We will not keep your Personal Data for longer than necessary to fulfill the purposes for which it was collected, used, or disclosed. We will keep your Personal Data during the term of the contract, or for the period necessary to establish, exercise, or defend legal claims. Generally, the Company retains Personal Data for a period of ten (10) years from the termination of the relationship with you, unless otherwise required by law.
  • When your Personal Data, which we collect, use and process, is no longer required for the purposes or where we no longer have a lawful basis to retain it under applicable laws, we will erase, destroy, or anonymize your Personal Data within a reasonable period to ensure it can no longer be used to identify you.

8. Your rights as a data subject

When the relevant provisions of the PDPA are enforced, you, as the data subject, will have rights in relation to Personal Data, as follows:

8.1 Right to withdraw consent

  • You have the right to withdraw your consent at any time, unless such withdrawal is restricted by law or affects contractual obligations that are for your benefit.
  • You may withdraw your consent to the processing of your Personal Data at any time while the Company continues to retain such data.
  • If withdrawing consent affects the Company’s ability to provide certain products or services, we will inform you of the consequences of such withdrawal.

8.2 Right to access

  • You have the right to request access to and obtain a copy of your Personal Data that is being processed by the Company.

8.3 Right to data portability

  • You have the right to request the Company to transfer your Personal Data that you have provided to us to another data controller, or to receive such Personal Data directly from us, where technically feasible. This right applies only to Personal Data that was provided with your consent or collected for the purpose of fulfilling a contract with you.

8.4 Right to object

  • You have the right to object to the processing of your Personal Data where there is a legitimate ground.

8.5 Right to erasure

  • You have the right to request the erasure or destruction of your Personal Data in certain circumstances, such as when the data is no longer necessary, consent is withdrawn, or the processing is unlawful.

8.6 Right to restriction of processing

  • You have the right to request the restriction of the processing of your Personal Data in certain circumstances, such as during the verification of accuracy or the lawfulness of processing.

8.7 Right to rectification

  • You have the right to request that the Company correct any inaccurate or outdated Personal Data, and complete any incomplete data. The Company will investigate and rectify the data accordingly.
  • If a request to correct your Personal Data is submitted, the Company may, where necessary, require you to verify your identity or provide additional supporting documents.

8.8 Right to make a complaint

  • You have the right to lodge a complaint with the Personal Data Protection Committee or its office if you believe that the Company has violated or failed to comply with the PDPA.

You may contact the Company to exercise any of the above rights via the contact details in Clause 1 or other channels as specified by the Company. You will not be charged a fee for exercising your rights. However, the Company reserves the right to charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.

The Company may refuse requests that are made in bad faith, are unreasonable, are not provided for by law, and/or are technically or legally unfeasible. The Company also reserves the right to reject your request in accordance with the criteria set forth under applicable law.

You may file complaints or raise concerns regarding your Personal Data, including but not limited to, requests for correction, updates, objections to collection, or cessation of data usage, via email at[email protected]

9. Your refusal to give us your personal data

The Company may be legally required to collect your Personal Data or to do so in order to enter into or perform a contract with you. If you choose not to provide such required Personal Data, the Company may not be able to offer or continue to provide certain products or services to you.

Other than where the Company processes your Personal Data to perform a contract or to comply with legal obligations, if you do not consent to the processing of your Personal Data, you may still be able to access our services. However, certain functionalities or service features may be limited, as the Company may not be able to process your Personal Data to its full extent without your consent.

10. Cookies Policy

This website uses cookies and other comparable technologies to distinguish the way in which a user uses the website in order to give each user a good experience from using the Company’s services and to improve the quality of the Company’s services to better meet each user’s needs. For more information, please refer to our Cookies Policy at: https://www.trueidc.com/en/cookies-policy

11. Collection and use of personal data for the original purpose

The Company will process the Personal Data in accordance with applicable laws and reserves the right to continue collecting and using Personal Data obtained prior to the effective date of the PDPA provisions governing the collection, use, and/or disclosure of Personal Data, for the same original purposes for which it was initially collected. If you do not wish the Company to continue collecting or using such Personal Data after the PDPA takes full effect, you may withdraw your consent through the channels to be announced by the Company.

12. Privacy policy of other websites

This Privacy Policy applies only to the Company's products, services, and websites. It may, however, contain links to third-party websites or services. The Company does not control and is not responsible for the collection, use, or disclosure of your Personal Data by such third-party websites or services, nor for their privacy practices.

13. Changes to our Privacy Policy

The Company may update or amend this Privacy Policy from time to time to reflect changes in applicable laws, regulations, or operational requirements. The Company reserves the right to modify this Privacy Policy by posting the updated version on its website or through other communication channels, without prior notice.

This Privacy Policy was issued on and effective from 25 July 2025 (Version 3.0)