Privacy policy
Fortune Parts Industry Public Company Limited (FPI) recognizes the importance of privacy protection issues and the company believes that it is important to you. that you will know how the company handles personal information received from you.
Please carefully study the Personal Data Protection Policy and Protection Details for each sector and regularly review changes to the Personal Data Protection Policy, Protection details and other news of the company by following the news on the website and Facebook fan pages regularly.
PRIVACY POLICY
-
Policy
-
Website User
Privacy Policy of Fortune Parts Industry Public Company Limited
Fortune Parts Industry Public Company Limited (“the Company”) respects the right to privacy and emphasizes the protection of personal data that related to transactionwith the company. Therefore, it is important to have a data protection policy, and to have rules, mechanisms, regulatory measures and the management of personal information as follows:
1. Scope of application
This Privacy Policy is applicable to the performance of all employees, which means full-time employees, employees of employment contract specifying the expiration date of the contract, temporary worker and contractor including those who process personal data on behalf of the company.
2. Definition
2.1 “Personal Data” means information about an individual by which an individual can be identified whether directly or indirectly but does not include information of the deceased in particular.
2.2 “Sensitive Personal Data” means information that is truly personal to an individual, which are sensitive and may run the risk of unfair discrimination such as race, ethnicity, political opinion, religious beliefs or philosophy sexual behavior, criminal records, health information, disability, trade union information, genetic information, biological information or any other information which affects the owner of personal data in the same way as announced by the Personal Data Protection Committee.
2.3 “Processing” means the process of collecting, use, disclosure, deletion or destruction of personal data.
2.4 “Personal Data Subject” means an individual who is the owner of the Personal Data from which the Personal Data is personally identified in both directly or indirectly way.
2.5 “Personal Data Controller” means a person or juristic person who has the authority to make decisions about the collection, use or disclosure of personal data.
2.6 “Personal Data Processor” means a person or a legal entity who performs the collection, use or disclosure of personal data on the order or on behalf of the company, but this person is not a controller of personal data.
2.7 “Company” means Fortune Parts Industry Public Company Limited and its subsidiaries according to the consolidated financial statements of Fortune Parts Industry Public Company Limited.
3. Collection of personal information
3.1 The Company will collect personal data for the purpose, scope and use with rightful and fair methods. The collection will be done only to the extent necessary for the operation of the company’s objectives.
3.2 The company will proceed to inform the owner of the information and give consent by electronic or according to the company’s method. In case of sensitive personal data of the data subject is stored, the company will expressly obtain consent from the data subject prior to collection. Unless the collection of personal data and sensitive personal data is subject to exceptions as specified in the Personal Data Protection Act B.E. 2562 or other laws.
4. Purposes for collecting or using personal data
4.1 The company will collect or use the personal information of the data subject for the benefit of the company’s operations to improve the quality of operations to be more efficient and, or to comply with any laws or regulations relevant to the company’s operations. The company will store and use such information only for the necessary time and the purposes for which the data subject has been notified or as required by law.
4.2 The company will not take any action that different from those stated in the purpose of collection, unless
(1) notifying the new purpose to the data subject and obtaining the consent of the data subject
(2) It is in compliance with the Personal Data Protection Act or other relevant laws.
5. Disclosure of personal information
5.1 The company will not disclose the personal information of the data subject to any person without consent and will disclose it for the stated purpose.
5.2 The company may have a necessity in disclosing personal data of the data subject to its affiliates or other parties in both demoestic and international for the benefit of the company’s operations and providing services to the data subject. Fot disclosing personal information to such persons, the company will ensure that those individuals keep their personal information confidential and do not use it for any purpose other than the scope specified by the company.
5.3 The Company may disclose personal information of the information subject under the rules prescribed by law, such as disclosing personal information to government agencies, government agency regulators including in the event of a request to disclose information by virtue of law.
6. Security of personal information
6.1 The company will provide measures to maintain the security of personal data that are appropriate and consistent with the law, policies, regulations, requirements and practices on personal data protection for the company’s employees and other related parties.
6.2 The company supports and encourages employees to be knowledgeable and aware of their duties and responsibilities in collecting, keeping, using and disclosuring the data subject’s personal data in order for the company to properly comply with personal data protection policies and laws effectively.
7. Rights of the personal data subject
7.1 The right to request access and obtain a copy of personal data relating to oneself or requesting to disclose the acquisition of such personal data that he/she did not give consent
7.2 The right to object to the collection, use or disclosure of personal information about oneself
7.3 The right to request removal, destruction, or make personal information non-identifiable information to the person who owns the personal information
7.4 The right to request to suspend the use of personal data
7.5 The right to withdraw consent to the processing of personal data for which consent has been given. However, revocation of consent does not affect the collection, use or disclosure of personal data for which consent has been given.
7.6 The right to correct personal data
7.7 The right to transfer personal data
8. Supervision of personal data protection compliance
8.1 The company will provide a follow-up process in the event that the law changes, and constantly update personal data protection measures to be in line with the law.
8.2 The company will regularly review and update policies, standards, guidelines, procedures and other documents related to the protection of personal data in order to be up-to-date in accordance with the laws and circumstances of each period.
9. Roles, duties and responsibilities
9.1 The Board of Directors has roles, duties and responsibilities as follows:
(1) Regulate the creation of a personal data governance structure and related internal controls in order to comply with the law and privacy protection policy
(2) Supervise and support the company to carry out the protection of personal data to be effective and in accordance with the law.
9.2 Privacy Committee
Let the Company’s Risk Management Committee act as the Personal Data Protection Committee with the following roles, duties and responsibilities:
(1) Establish a personal data governance structure and relevant internal controls, including the Privacy Incident Management Policy and the Incident Response Program, to be able to identify and deal with unusual incidents related to personal data promtly.
(2) Evaluate the effectiveness of the company’s personal data protection policy, and report the results of such assessments to the Board of Directors on a regular basis at least once a year, and supervise to ensure that risks related to personal data are handled and appropriate risk management guidelines are in place.
(3) Determine and review operational standards and guidelines to ensure that the company’s operations are in accordance with the law and privacy protection policy.
(4) Appoint the Company’s Personal Data Protection Officer (FPI DPO)
The Company has appointed a Personal Data Protection Officer to perform an auditing duties, supervise and advise on the collection, use or disclosure of personal information, including coordinating and cooperating with the Office of the Personal Data Protection Commission to comply with the Personal Data Protection Act B.E. 2562 (2019). The company has appointed the Company Secretary and Information Technology Manager as Personal Data Protection Officer.
9.3 Executives have roles, duties and responsibilities in monitoring and controlling agencies that are in compliance with the personal data protection policy and promote awareness raising among employees.
9.4 The Company’s Personal Data Protection Officer (FPI DPO) has roles, duties and responsibilities as required by law. This includes the following duties:
(1) Regularly report the status of personal data protection to the Personal Data Protection Committee, and always make recommendations to improve the protection of personal data to be up-to-date and consistent with the law.
(2) To advise employees on the collection, use or disclosure of personal information relating to compliance with the law and the company’s personal data protection policy.
(3) Examine the operations of the agency to comply with the law and privacy policy.
(4) Coordinate the handling of complaints or requests to exercise the rights of the personal data subjects who have been contacted or requested from the personal data subjects.
(5) Coordinate and cooperate with the Office of the Personal Data Protection Commission in the event of a problem relating to the collection, use or disclosure of personal information of the company, subsidiaries and business partners.
(6) Notify the Office of the Personal Data Protection Commission of the incident of personal data breach within 72 hours from the knowledge of the incident.
9.5 Employees have the following roles, duties and responsibilities.
(1) Comply with the personal data protection policy, standards, guidelines, procedures and other documents related to the protection of personal data.
(2) Report unusual incidents related to personal data protection and non-compliance with the law and the company’s personal data protection policy and inform the supervisor.
10. Review and change of personal data protection policy
The company may improve or update this policy from time to time to comply with legal requirements and changes in the company’s operations including suggestions and opinions from various agencies. The company will clearly announce the changes.
11. Penalty for non-compliance with the Privacy Policy
Failure to comply with the personal data protection policy of Fortune Parts Industry Public Company Limited may result in an offense and subject to disciplinary action, including penalties as required by law.
Data Controller Contacting the Company
Fortune Parts Industry Public Company Limited
11/22 Moo 20, Nimitmai Road, Lam Luk Ka Subdistrict, Lam Luk Ka District, Pathum Thani Province 12150
Website : www.fpiautoparts.com
e-mail: info@fpiautoparts.com
Phone : 02-993-4970-7
Data Protection Officer (DPO)
Contact address: 11/22 Moo 20, Nimitmai Road, Lam Luk Ka Subdistrict, Lam Luk Ka District, Pathum Thani
Contact method: e-mail pdpa@fpiautoparts.com
Phone : 02-993-4970-7 ext. 108,297
This Privacy Policy is effective from May 1, 2022 according to the Board of Directors of Fortune Parts Industry Public Company Limited dated May 13, 2022.
sign
(Mr. Sompol Thanadumrongsak)
Managing Director
Privacy Notice Form for Users of The Company’s Website
Fortune Parts Industry Public Company Limited (“the Company”) (hereinafter referred to as “FPI.” or “We”) greatly emphasize on the importance of protection of personal data. To ensure users with the assurance that we will protect and treat their personal data in accordance with the data protection laws, we have established this personal information notification form to inform them about the processing of personal data, whether it is collected, used and disclosed (collectively, “processing”), which may occur during users visit to our website as well as informing users of their rights in their personal data and ways to contact us.
However, if users visit our website for a specific purpose, such as doing business with us, applying for a job, applying for an internship, application, applying for an event or study tour, etc.
1. Purpose for collecting, using or disclosing personal information
When users access the FPI website, we may collect, use or disclose users’ personal information for the following purposes
SECTION | OBJECTIVE | LEGAL BASE |
---|---|---|
1.1 | For the use of the website or access to various systems of FPI, and its subsidiaries or link to other websites, either FPI, FPI’s subsidiaries, or external entities. | Legitimate Interests Contractual Basis |
1.2 | To measure performance and market survey analysis and marketing strategies, including carrying out business planning, reporting and forecasting. | Legitimate Interests |
1.3 | To analyze, research and develop FPI’s products, services to be better and suited with user’s requirement. This includes collecting FPI’s website usage data to analyze the use of FPI website from website user for development and communication strategies. | Legitimate Interests |
1.4 | For risk management and oversight, including internal audit of the Internal Audit Office and management within the organization. | Legitimate Interests |
1.5 | In case website users would like to visit FPI company, we may evaluate personal data of those users for consideration, selection and confirmation of the visit as well as preparing for the facilities suitable for the group of people who will come to visit our company. | Legitimate Interests |
1.6 | In case you provide information via contact channel or make requests such as obtaining information from the Information Center, we may process your personal data for further contact regarding the request, complaints or information that you have provided to us, including considering the processing of requests, contact information, issuing a receipt (In the case of a fee or expense for copying information or submitting documents), fact check, keeping a record to track performance, and this information will be used for risk management, oversight, internal audit of the Internal Audit Office and management within the organization. | Legitimate Interests |
1.7 | When you download certain documents from our website, such as annual reports, sustainability report, annual reports in the form 56-1, One Report, etc, we may request additional personal information from you to contact and send surveys to ask for opinions. This information will be analyzed to develop of FPI report and to meet the interests of the reader. | Legal Obligation Legitimate Interests |
1.8 | When you access our website, we are obliged to collect, use or disclose certain personal information of the users of the website for legal compliance, investigation, legal and other regulatory processes, and reporting or disclosing information to government agencies, independent organizations or any other agency by virtue of law or court order, including the establishment of legal claims, compliance or exercise of legal claims, or raising the defense of legal claims. | Legal Obligation Legitimate Interests |
Personal data that FPI collects due to the need to perform a contract or compliance with various laws. If you do not provide such necessary personal data, FPI may not be able to provide you services or facilities.
2. Collection of personal data and personal data that may be collected
(2) Information about work such as occupation, name of your company/organization, and position/department, etc.
(3) Contact information such as address, telephone number, e-mail address, etc.
(4) User account information and password, only in the case of accessing various systems of FPI and FPI’s subsidiaries.
In your use of the FPI website, FPI. is generally not intended to collect or use sensitive personal information such as religion, ethnicity, etc., of you or any other person for any specific purpose. You do not need to specify or mention such information However, if there are cases where FPI needs to use the information for any purpose, FPI will inform you and obtain your consent on a case-by-case basis.
4.3 Agents, contractors/subcontractors and/or service providers for any operations to FPI such as auditors, lawyers, legal advisors, website developer, the contractor who is taking care of public relations in various channels, etc.
In case FPI asks for your consent, you have the right to withdraw your consent to the processing of personal data that you have given consent to FPI unless the revocation of consent is restricted by law or contract to your benefit.
The revocation of consent will not affect the lawful processing of personal data for which you have given consent.
11/22 Moo 20, Nimitmai Road, Lam Luk Ka Subdistrict, Lam Luk Ka District, Pathum Thani Province 12150
Website : www.fpiautoparts.com e-mail: info@fpiautoparts.com
Phone : 02-993-4970-7
Contact address: 11/22 Moo 20, Nimitmai Road, Lam Luk Ka Subdistrict, Lam Luk Ka District, Pathum Thani
Contact method: e-mail pdpa@fpiautoparts.com
Phone : 02-993-4970-7 ext. 108,297