Privacy Policy


Asia-Pacific Risk Consultants (Thailand) Limited (“We” or “APRC”) is Thailand-based Insurance Broker and Risk Management Consultant. 


In order for us to provide our services, we may need to collect, use and disclose certain personal data of the persons involved. As we value your privacy and is committed to protecting your personal data in a transparent manner and according to the principles of the Personal Data Protection Act B.E. 2562 (“PDPA”), we have prepared the Privacy Policy (“Policy”) in order to provide you with importance information regarding our collection, use and disclosure of your personal data. 


 1.Scope of this Policy 

This Policy applies to you if:


(1) You are contact person of our clients; 

(2)  You are the person covered by the insurance policy; and  

(3) You are the beneficiary designated by the person covered by the insurance policy. 


2.Personal Data We Collect 

Personal Data refers to any information relating to a person, which enables the identification of such person, whether directly or indirectly, but not including the information of the deceased persons in particular.


The personal data we will collect (“Your Data”) can be divided into 2 types: General Personal Data, and Sensitive Personal Data. 


 2.1   General Personal Data 

2.1.1    Contact Persons of Our Clients 

                        

                                    If you are contact persons of our clients, we will collect:  


  • Your name-surname 
  • Your workplace 
  • Your telephone no. 
  • Your email address 


2.1.2    Persons Covered by Insurance Policy 

If you are the person covered by the insurance policy, we will collect the following information: 

                              

  • Your name and surname 
  • Your address 
  • Your sex, age, height and weight 
  • Date/Month/Year of your birth 
  • Your position and employer 
  • Information on your identification card photo (except your sensitive personal data, namely religion, blood type and/or race – such information will be concealed before the collection.)
  • Your shareholding percentage in your employer company
  • Your qualification and work experience 
  • Professional society or trade association of which you are a member 


2.1.3    Beneficiary 

If you are beneficiary designated by the person covered by the insurance policy, we will collect the following information:

  • Your name-surname 
  • Your relationship with the person covered by the insurance policy
  • Your address 


2.2       Sensitive Personal Data 

We will collect the following sensitive personal data only when you are person covered by Employee Benefit Insurance:

  • Your health condition
  • Your medical treatment record
  • Your claim record 


3. Source of Information

We collect Your Data from 3 sources as follows:


3.1 You who are the data subject; 

3.2 Your family member who is the person covered by the insurance policy; and 

3.3 Your employer who is our clients. 

            

4. Why We Collect Your Data 

We collect, use and disclose Your Data where it is necessary or there is a lawful basis for the purposes:



5. To Who We Will Disclose Your Data

In order to provide our services, it is necessary for us to disclose Your Data to the following types of organization:


5.1 Insurance companies who we work with in order to provide our services to our clients; 

5.2 Your employer who is our client; 

5.3 Government authorities if we are required to do so by law. 


6. How Long We Retain Your Data 

According to our internal retention policy, we will retain Your Data for 3 years from the date we have received Your Data. 


However, we may need to retain Your Data longer than that in order to accomplish the purpose for which Your Data was collected: 


The reason for retaining Your Data for longer than 3 years include:


1. Your Data is necessary for providing our services to our client: 

2. Your Data is necessary for complying with our obligations required by law; and 

3. Your Data is necessary for establishing, exercising and defending our legal claim.  


7. Your Rights 

 As a data subject, you have the following rights under PDPA:


1. Right to Withdraw Consent 

You have the right to withdraw your consent at any time by reaching out to us at  our email address or telephone number provided in Item 9. 


2. Right to Access and Obtain Copy of Your Data 

You have the right to get access to and obtain a copy of Your Data or request us to disclose the source of Your Data for which you have not given your consent unless we have the right to reject your request according to the law or court order and the access to Your Data may adversely affect right and freedom of other persons.


3.  Right to Data Portability 

You may request to receive Your Data or to have Your Data transmit to third party provided that Your Data is collected in the format which is readable or commonly used by automatic machine, and, can be used or disclosed by automatic means, unless it is impossible to do so because of the technical circumstances, or we are entitled to legally reject your request.


4. Right to Object to Collection, Use or Disclosure of Your Data

You may object to collection, use or disclose Your Data if we have collected Your Data for our legitimate interest or for direct marketing purpose. 


5. Right to Erasure  

You may request us to erase or destroy Your Data or to make Your Data anonymous in the case that Your Data is no longer necessary for the purpose we have informed you or you have withdrawn your consent or you have exercised your right to object to collection, use or disclose Your Data or in the case that we have unlawfully collected, used or disclosed Your Data. 


6. Right to Restrict Processing 

You make request us to restrict the use of Your Data during the period we have examined Your Data as requested by you, or when Your Data has been unlawfully collected, used or disclosed or when the retention of Your Data is no longer necessary for the purpose we have informed you but it is necessary for you to request us to keep retaining Your Data for certain reasons or during the period we have conducted our examination in order to reject your objection according to the law.


7. Right to Rectification 

You may ask us to collect or update or complete Your Data or make it not misleading. 


8. Right to File Complaint 

If you view that we have violated or failed to comply with PDPA, you have the right to file a complaint with the Commission of Personal Data Protection.


8. Contact Us

If you have any question or complaint with respect to the collection, use or disclosure of Your Data or wish to exercise your rights as a data subject, please contact us at: 


Asia-Pacific Risk Consultants (Thailand) Limited

26th Floor, SM Tower, 979/77 

Phaholyothin Road, Samsennai, 

Phayathai, Bangkok 10400


Telephone No.  :   02-298-0394 

Email :   dpo@aprc-consultants.com 


9. Change to Policy 

We may make change to this Policy from time to time to comply with the law or to make this Policy to be in line with our current practice. If we make any change to this Policy, we will keep you updated by publishing the revised policy on our website or inform you by any other mean we deem appropriate.