wisework

Privacy Policy

The Wise Work Company Limited, hereinafter referred to as the “Company,” recognizes the importance of protecting personal information and complies with the Personal Data Protection Act 2019. Personal data protection is a part of social responsibility and forms the foundation for building reliable business relationships with customers. The company adheres to compliance with the framework of personal data protection laws.

The Company has, therefore, created a Privacy Policy to establish guidelines and practices for protecting personal information.

Scope
This personal data protection policy informs service users about their rights and duties, along with various conditions for collecting, using, and disclosing personal information. The policy applies to individuals involved in data management throughout the company’s data lifecycle, including consultants, employees, job applicants, interns, external agencies, or outsiders working on behalf of or with the company. It outlines the purpose and details regarding the collection, use, and disclosure of personal information, as well as legal rights related to personal data. The Company collects, uses, and discloses personal data to achieve the purposes of applying for a job, employment, or internship.

Personal information collected, used, and disclosed outside of relationships related to job applications, employment, or internships, such as information obtained from the use of the Company’s products or services, does not fall under the scope of this policy.

Definition

Personal Information: Information about an individual that enables the identification of that person, whether directly or indirectly. However, it does not include specific information about deceased individuals, such as first name, last name, nickname, email, telephone number, or address. 

Data Subject: A person who can be identified by that personal data, whether directly or indirectly. 

Biological Data : Personal data resulting from the use of techniques or technology involving the physical or behavioral characteristics of a person to confirm their identity, differentiating them from others. Examples include facial image simulation data, iris simulation data, or fingerprint simulation data. 

Personal Data Controller: The person with the authority to make decisions regarding the collection, use, or disclosure of personal information. 

Data Processor: The person who carries out the collection, use, or disclosure of personal data according to the order or on behalf of the personal data controller. 

Data Processing: Any operation performed on personal data or sets of personal data, whether by automatic means or not. This includes collecting, recording, organizing, structuring, modifying, receiving, considering, using, disclosing by transmission, disseminating, or any other act resulting in availability, use, arrangement, combination, restriction, deletion, or destruction. 

Application: A program or set of instructions used to control the operation of mobile computers and various peripheral devices to work according to instructions and respond to user needs. Applications must have a User Interface (UI) to act as a middleman for various functions. 

Cookies : Small pieces of information sent by the company’s website to any computer or electronic device connected to the Internet to collect personal information. Cookies are sent back to the originating website each time a user returns. 

Office: The Office of the Personal Data Protection Commission. 

Employee : Executives, employees, or workers performing tasks for Rice Consulting Company Limited.

Personal Information Collected, Used, and Disclosed

Personal information is data that identifies an individual, whether directly or indirectly (excluding information about the deceased), including:

1. Personal information provided directly to the company, such as details from job applications, support requests, interviews, internships, or employment applications.

2. Personal information received or accessed from sources other than the individual, like government agencies, financial institutions, business partners, credit information companies, and data providers. The company collects information from other sources only with consent or when necessary and permitted by law.

The personal information collected, used, and disclosed includes:

  • Personal details like first name, last name, gender, age, date of birth, national identification number, passport number, educational and work history, licenses, and bank account numbers.
  • Contact information such as addresses, telephone numbers, emails, Line IDs, and social media details.
  • Information about employment, such as job position, organizational role, various affiliations within the organization, wages, other compensation, utilization of benefits, recording of working hours, leave of absence, appointments, transfers, changes of position, probationary evaluations, performance assessments, skills assessments, personality and behavioral evaluations, investigations, and disciplinary actions (except for matters related to sexual behavior).
  • Device or tool information such as IP address, MAC address, Cookie ID, and IMEI.
  • Third-party information like family member details, beneficiary information, emergency contacts, and referrals.
  • Other information, such as opinions, preferences, hobbies, written examination results, audio recordings, still images, moving images, and participation in various activities or campaigns organized by the company, as well as any other information considered personal information according to the law.
Purposes for Collecting, Using, and Disclosing Personal Information

The Company will collect, use, and disclose personal information for the purpose of performing duties as an employee or personnel of the Company, or for any other benefits as specified in this policy.

1. Contractual Basis: This involves complying with the contract to which you are a party, such as an employment contract, an internship contract, or any other contract. It is also applicable for processing your request/application before entering into a contract or for the necessity to provide services or comply with the contract between the data owner and the company, as the case may be.

2. Legal Obligation: This pertains to performing duties according to the law, specifically the duties of the company as an employer or in any other capacity.

3. Legitimate Interest: This involves serving the legitimate interests of the company or another person or legal entity within the limits that you can reasonably expect. It may also be for other purposes as permitted by law.

Disclosure of Personal Information

The Company may disclose personal information to others under your consent or other legal bases for the purposes specified in this policy. This includes personal data processors, external service providers both domestic and international, company representatives, external agencies or companies that the company visits to study and subcontract work, financial institutions, auditors, external auditors, legal authorities, those interested in receiving the transfer of rights and/or the transferee of rights, or various mergers and acquisitions of the company. Any juristic person/person who has a relationship or has a contract with the company, including executives, employees, and consultants of the company, and the person or agency that receives such information.

Sending or Transferring Personal Information Abroad

The Company conducts business in many countries. It may be necessary for the Company to send or transfer your personal information to the same business abroad. This could be the country where you work or to other recipients of information. This is part of the Company’s normal business operations, such as sending or transferring personal information to be stored on servers/clouds in various countries. In the case that the destination country does not have sufficient standards, the Company will take care of sending or transferring personal information in accordance with the cases specified by law. The Company will implement personal data protection measures and remedial measures as deemed necessary and appropriate in accordance with the standards of confidentiality required by the laws of that country. For example, requiring data recipients to have measures in place to maintain the security of personal information comparable to the Company’s measures. Confidentiality agreements are in place with recipients of information in those countries. In cases where the recipient of the information is the same business company, The Company may choose to use a method to have a personal data protection policy that has been inspected and certified by relevant legal authorities. The company will proceed with the sending or transfer of personal data to business companies of the same person abroad in accordance with the said personal data protection policy instead of proceeding as required by law.

Period of Storing Personal Information
The Company will retain your personal information for the necessary period while you are an applicant or employee of the Company or throughout the period necessary to achieve the objectives involved in this policy. This information may need to be preserved thereafter if required or permitted by law.
Personal Information Protection

The Company will carefully maintain your personal information in accordance with technical and administrative measures (organizational measure) to maintain appropriate security in the processing of personal data and to prevent violations of personal information. The Company has established policies, regulations, and criteria for protecting personal information, such as information technology system security standards and measures to prevent recipients of information from leaving the company. Use or disclose information outside of the intended purpose or without authority or illegally. The Company periodically updates such policies, regulations, and criteria as necessary and appropriate.

In addition, the company has determined that employees and recipients of information from the company have a duty to keep personal information secret and secure according to the measures set by the company when any action must be taken with your personal information.

Rights of the Data Subject
Your rights are legal entitlements that you should be aware of. You can request to exercise various rights under the provisions of the law and policies currently established, or that may be subject to additional amendments in the future, as well as the criteria set by the company.
 
Right to Withdraw Consent: If you have given consent for the company to collect, use, and disclose your personal information (whether it is the consent given before the effective date of the Personal Data Protection Law or after), you have the right to withdraw your consent at any time throughout the period that your personal data is with the company, unless there is a legal restriction on that right or there is a contract that benefits you.
However, withdrawing your consent may affect you, so it is advisable to study and inquire about the effects before revoking your consent.
 
Right to Request Access to Information: You have the right to request access to your personal information that is under the responsibility of the company and request the company to make a copy of that information for you. This includes asking the company to disclose how your personal information was obtained without your consent.
 
Right to Request Data Portability: You have the right to request your personal information in a format that can be read or generally used by tools or devices that work automatically and can use or disclose personal information by automatic means. This includes the right to request the company to transmit or transfer personal data in such a form to another data controller when this can be done by automated means. You also have the right to request the company to send or transfer personal data in such a form directly to another data controller, unless it is impossible due to technical reasons.
 
Right to Object: You have the right to object at any time if the collection, use, and disclosure of your personal information are for the legitimate interests of the company, or of another person, or to carry out missions for the public benefit. If you submit an objection, the company will continue to collect, use, and disclose your personal information only if it can be legally shown to be more important than your basic rights or is for the purpose of confirming compliance with the law or fighting legal suits according to each case.
 
Right to Request Deletion or Destruction of Information: You have the right to request the deletion or destruction of your personal information or to make it information that cannot identify you personally. This is applicable if you believe that your personal information has been collected, used, and disclosed in violation of relevant laws or if the company no longer needs it for the purposes involved in this policy, or when you have exercised the right to withdraw consent or exercised the right to object as stated above.
 
Right to Request Suspension of Data Use: You have the right to request a temporary suspension of the use of your personal information while the company is currently investigating your request to exercise your right to correct personal information or object, or in any other cases in which the company no longer needs your personal information and it must be deleted or destroyed in accordance with relevant laws, but you request the company to suspend use instead.
 
Right to Request Correction of Information: You have the right to request that your personal information be corrected, kept current, complete, and not cause misunderstandings.
 
Right to Complain: You have the right to complain to the relevant legal authority if you believe that the collection, use, and disclosure of your personal information are done in a manner that violates or does not comply with relevant laws.
 
Exercise of Rights: The exercise of your rights as mentioned above can be done by submitting your request to the Company. However, the exercise of your rights may be limited under applicable law, and there are some cases where the company may refuse or be unable to process your request to exercise your rights above, such as having to comply with the law or court order, for public benefit, or if the exercise of rights may violate the rights or freedoms of others, etc. If the company rejects the above request, it will inform you of the reason for the denial.

If you have any questions or wish to correct, delete information, exercise your rights, or contact us about other matters related to your information, please contact us through the channels provided below.

The wiseworks Co.,Ltd.
179/98 Soi Ruam Mit Phatthana Yak 8, Tharaeng, Bangkhen, Bangkok 10220
Call us: 02-000-0323
Email: info@thewiseworks.com

Announced on May 8, 2023.
error: Content is protected !!