隐私政策
Accord Health Company Limited
Accord Health Company Limited (the Company) recognizes that protection of personal data is important. It is for this reason that the Company has established the Personal Data Protection Policy (Personal Data Protection Policy). The policy elaborates how everything related to personal information such as collection, storage, usage, disclosure, and the rights of the personal data subject is treated by the Company. This policy protects the privacy of people who visit or use the Company website in any way.
Please be aware that this Privacy Policy is subject to change and all changes will be displayed on this website.
1. Scope of the Policy
This policy covers company's practice of receiving and storying personal information when a user visits the Company's website. Personal information includes an individual's unique information that helps in directly or indirectly identifying the individual but not including the information of deceased persons in particular such as their name, age, gender, nationality, identity or passport number, residential address, office phone number, e-mail address, etc. The Company's website does not share personal identifiable information with third party sites that are linked to or from the Company's website. Therefore, it is advisable that one understands the privacy policies provided by the third-party websites linked to the Company's website.
2. Definitions
"Personal Information" means unique information about an individual that helps us to directly or indirectly identify that individual. Personal information particularly does not include information on people who are the deceased.
"Sensitive Personal Information" means information that is unique and personal in nature but they are sensitive and the individual may run the risk of unfair discrimination on the basis of race, ethnicity, political opinion, creed, religion or philosophy, sexual orientation, criminal history, health information, disability, union information, genetic information, biological information or any other information which may affect the individual in the same way as defined by the Personal Data Protection Committee.
"Personal Data Protection Committee" means a committee that has been appointed with duties and powers to undertake supervision, issue regulations, and measure other practices in relation to personal data protection under the Personal Data Protection Act of 2562 B.E.
3. Collection of Personal Data
The Company shall collect personal data only as necessary and after you consent to provide information directly to the Company by requesting services through the website or through any other channels such as making an appointment with doctors, online transactions, newsletter subscriptions, etc. This also includes offline transactions such as registering patients at the Company's registration counter, etc. Your personal data may be obtained from third parties such as family or people close to you where you have consented to such disclosures or as stipulated by law.
The types of personal data that the Company shall collects depend on purposes for which the information is processed according to the privacy policy. Personal information that the Company collects directly from individuals or from third parties are as follows:
- Identity information such as name, photo, gender, date of birth, passport, ID card number or other identifiable numbers, etc.
- Contact information such as address, telephone numbers, e-mail, etc.
- Payment information such as billing information, credit or debit card information, bank account details, etc.
- Subscription information and participation in marketing activities such as seminar registrations.
- Service information such doctor appointment information, personal information of relatives, information required for accommodation, meals, hotels, etc.
- Statistical data such as number of patients, website visits, the duration of the individual on the website, etc.
- Web information while accessing the website such as IP Address, cookies, online appointment system, etc.
- The Company shall not collect and use individual’s sensitive information about race, religious beliefs, criminal record, etc. unless stipulated by laws or by the individual’s consent.
4. Purpose of Processing Personal Data
The Company may process personal data with consent or by execution of contract between each other or for the legitimate interest of the Company except in the following cases where consent seeking is not necessary.
- Doctor's appointments, news dispatch or introduction of the Company's services.
- Coordinating and forwarding information to the Company/hospital network. This will speed up the transmission of users to the service.
- Message reminders for doctor's appointments or while offering company assistance.
- Sales promotion and customer relations such as sending information about promotions and affiliate businesses.
- Communication, answering questions or responding to complaints regarding our services such as service problems, claim for baggage or loss.
- Satisfaction surveys and statistical analysis of information on how to improve the service.
- Accounting or financial purposes such as verifying credit card payments, billing and financial validation.
5. Personal Data Disclosure
The Company will take necessary and appropriate measures for the aforementioned purposes. The Company may disclose or transmit user's personal information to third parties that may be within or outside Thailand, such as
- Network hospitals, business partners and affiliate businesses.
- Service providers or partners who provide services to the Company or act as a representative of the Company such as an IT service provider.
- Banks and payment service providers such as credit or debit card companies.
6. Security System
The Company issued an order defining internal procedures about confidentiality and security of information, which include determining confidential information to access and usage rights. Also, the Company uses Secure Socket Layer (SSL) Protocol to facilitate communication between users and the Company, which is through a secure communication channel.
7. Cookie Policy
Information related to a user while accessing the Company website will be stored in the form of cookies. The Company's cookie policy explains its meaning, its functionality, its purpose and also how to delete and refuse storage of cookies for user's privacy. By entering the Company's website, the user agrees to give the Company permission to use cookies according to the Company's cookie policy explained below.
A "cookie" is a data file that is saved on the user's computer and/or communication device such as tablet, smartphone, web browser, etc. and is used to store information when the user visits the Company's website. Cookies are used in various situations. The user of the website also has the ability to accept or decline all cookies and for this the user can go into the “Help” menu of their browser and learn how to change the user's cookie usage.
8. Rights of Data Subject
The data subject of the personal information data, which is the user, has the right to withdraw consent, to request access to personal information, to request erasure or destruction of personal information, as well as to request correction and change of information to be correct, up-to-date and complete. The owner of the personal data can contact the Company at contact form.
9. Contact Channels
If you have any question about the Company's privacy policy and terms of use, please write to the Company by attaching a copy of evidence to prove your identity. Also, if you have any questions, suggestions, complaints about the Company's privacy policy, you can send inquiries to contact form. In this case, you must furnish the following details:
- Name, surname, ID card number/ passport number.
- Subject of inquiry, a description of the error that occurred.