1.1 Company means Thai Life Insurance Public Company Limited.

1.2 Personal data means any data pertaining to a person that enables the identification of that person, whether directly or indirectly, or biometric data, financial data, transaction records, health data, including other data with the individual’s name or identification number, or other forms of identifiable information, but not including information of deceased persons.

1.3 User means owner of the personal data that is using the Thai Life Insurance Application.

1.4 Data owner means the person who is the owner of the data; legal representative, caretaker or protector of the data owner; and including the spouse and legal heirs or beneficiaries according to the insurance policy in the case that the data owner has passed away.

  The Company collects, uses or discloses personal data of the user with the following purposes:

2.1 To assess, manage or execute various transactions requested by the user to the Company, including using the data to analyze, manage or improve the Company’s products or services, and to promote various products and services related to the policy that is offered by the Company.

2.2 To provide advice and suggestions to the user relating to the Company’s products and services, including diagnosing and solving problems, and managing the relationship between the Company and users.

2.3 To send marketing information, to inform about sales promotions, and to offer various privileges and other services of the Company to users.

2.4 For other purposes not mentioned above, in which the Company will inform users when the Company requests for data from the user.

3.1 Data directly from the owner

  The Company collects and keeps data related to the user of Thai Life Insurance Application or other communication channels with the Company, or other automatically collected data through Cookies such as health data, financial data, location information or other data that the user has given when applying for life insurance or afterwards by providing data in the life insurance application including accompanying documents and other forms of communication such as copy of national identification card, house registration, etc in the form of paper, electronic or other devices that the user uses to access the Thai Life Insurance Application. This information will be stored in the database and used for the purposes of data collection and safekeeping.

3.2 Data from other sources

  Data from public sources, data from various organizations or companies in the Group or Group businesses or business partners or life insurance representative or agent, apart from data that the user has provided when applying for life insurance or afterwards including data from related persons who engage in various transactions with the Company.

  The Company will retain personal data of the user as necessary in order to comply with the purposes set in this Policy, except for the case where the law requires longer retention of the data.

  Personal data of the user will be kept strictly confidential in accordance with the law. The Company will not use personal data of the user for other purposes besides the purposes that the Company has stated in the Privacy and Personal Data Protection Policy. In case of necessity to use the personal data of the user beyond the purposes stated, the Company will contact the data owner to ask for consent to use the personal data for other purposes, except for the following cases wherein the Company may disclose personal data of the user without prior consent:

• Compliance with the law in force or compliance with the request from government authorities in order to cooperate with various organizations on the issue relating to adherence to the law.
• Response to personal or public security
• In the prosecution, investigation and other legal issues where data is concerned
• Inspection of security incident

  The Company has appointed an IT Security Committee, established an IT Security Policy and various measures in line with international standards, and issued regulations for the safety of the Company’s IT system. This is for Company employees’ strict compliance and to prevent loss, access, damage, use, modification, change or disclosure of personal data without permission.

  In the case where the Company has hired other organizations to manage the personal data of users such as package delivery, statistical analysis and data evaluation, the Company will stipulate that the outside service provider maintain confidentiality and security of the personal data of users and that they use the personal data only to the extent necessary to perform the scope of work hired by the Company, and for no other purposes.

  The Company will not be responsible for any damages that may arise from users disclosing their personal information to external parties or from users neglecting to correctly logout from the system after they finish using the Thai Life Insurance Application or from using the service without consideration to IT security.

The owner of the personal data has rights as follows:

9.1 To request to access or receive a copy of your personal data which is within the Company’s responsibility or to request for disclosure of the source of personal information in which you did not provide consent.

9.2 To inform the Company to manage your personal data to be correct, complete, current and to not cause any misunderstanding.

9.3 To object to the collection, use or disclosure of your personal data that the law permits to collect without the consent of the owner of the personal data. However, the Company may deny the objection by indicating legitimate grounds according to the law which is more important; or the collection, use or disclosure of personal data is for the establishment of rights according to the law, compliance with the law or the use of rights according to the law, or call for rights according to the law.

9.4 To request the Company to delete or destroy or make the personal data unable to identify the owner in specific cases according to the law, e.g., the personal data is no longer needed for safekeeping according to the purposes or when the owner of the personal data withdraws consent and the Company no longer has the authority according to the law to collect, use or disclose the personal data.

9.5 To request the Company to stop using the personal data in specific cases according to the law.

9.6 To withdraw consent any time, except for restrictions of right to withdraw consent under condition No. 10.

9.7 To complain in case the Company, including employees of the Company, violates or does not comply with personal data protection laws.

  Withdrawal of consent does not impact the collection, use or disclosure of personal data that the user has previously legally provided consent. However, there are restrictions on the right to withdraw consent by law or contract for the interests of the data owner, e.g., causing limitations in processing transactions on the application, providing service to policyholders or making payments according to the policy or providing other services related to life insurance and causing the Company to be unable to perform according to the life insurance policy.

  In case the withdrawal of consent affects the owner of the personal data in any way, the Company will inform the owner of the consequences of the withdrawal of consent.

  The Company will review and amend the Privacy and Personal Data Protection Policy to be of standard under relevant laws. Therefore, the Company advises users to read the Privacy and Personal Data Protection Policy every time when using the Thai Life Insurance Application.

Users may contact the Company through the following channels:

Address: Thai Life Insurance Public Company Limited 123 Ratchadapisek Road, Din Daeng, Bangkok 10400

Telephone: 02 247 0247 or 1124

The Company will follow appropriate procedures to verify the identity of the user before providing details of personal data of the user.

  “Cookies” are text files that the Company sends to the application of the user. The cookies are installed in the system of the user. The use of cookies enables the Company’s application to store or remember the information of users until the user logs out of the application or until the user deletes the cookies or disables the use of cookies. The use of cookies provides greater convenience to the user when using the services of the Company’s application. The Company will use information stored or collected by cookies for statistical analysis or other activities of the Company in order to further improve the Company’s services.

  For some types of services, the Company may need to collect additional personal data such as the number of steps in order to calculate points and/or collect personal information of the user through other methods especially for the purpose of that service. The user allows the Company to send news, information about activities or privileges according to the user’s address or through other communication channels such as email, SMS, etc. according to information that the user has provided. If the user changes his/her contact information, he/she will promptly inform the Company.

  As a user, I have read the terms and conditions in the Privacy and Personal Data Protection Policy of the Company in detail. I accept, consent and agree to the all the terms and conditions stated in the said policy.