ClickCease Tracking
Events is now available: Give your community something to show up for
Events is now available: Give your community something to show up for
Events is now available: Give your community something to show up for
Events is now available: Give your community something to show up for
Events is now available: Give your community something to show up for
Legal
social.plus Group Data Protection Policy

social.plus Group Data Protection Policy

  1. Purpose

This social.plus Group Data Protection Policy ("Data Protection Policy") stipulates the rules for personal data protection in social.plus Holdings Ltd and its affiliated companies ("social.plus" and the "social.plus Group"). 

Our Data Protection Policy refers to our commitment to treat information of employees, customers, stakeholders and other interested parties with the utmost care and confidentiality.

With this policy, we ensure that we gather, store and handle data fairly, transparently and with respect towards individual rights.

This Data Protection Policy reflects the data privacy rules required by the GDPR and other applicable laws including but not limited to Thailand Personal Data Protection Act B.E. 2562 ("PDPA").

Through the implementation of the Data Protection Policy across the companies within social.plus Group, the risks of, and arising from, breaching data protection will be minimised.

  1. Who is covered under the Data Protection Policy?

Employees of our social.plus Group and its subsidiaries must follow this policy. Contractors, consultants, partners and any other external entity are also covered. Generally, our policy refers to anyone we collaborate with or acts on our behalf and may need occasional access to data.

  1. Policy Elements

As part of our operations, we need to obtain and process information. This information includes any offline or online data that makes a person identifiable such as names, addresses, usernames and passwords, digital footprints, photographs, social security numbers, financial data etc.

social.plus collects this information in a transparent way and only with the full cooperation and knowledge of interested parties. Once this information is available to us, the following rules apply.

Our data will be:

  • Accurate and kept up-to-date
  • Collected fairly and for lawful purposes only
  • Processed by the company within its legal and moral boundaries
  • Protected against any unauthorized or illegal access by internal or external parties

Our data will not be:

  • Communicated informally
  • Stored for more than a specified amount of time
  • Transferred to organizations, states or countries that do not have adequate data protection policies

Distributed to any party other than the ones agreed upon by the data's owner (exempting legitimate requests from law enforcement authorities)

4. Lawful Bases and Personal Data Processing Purposes

The personal data processing within social.plus Group will always be based on lawful bases, which include the consent to the personal data processing, compliance with a legal obligation, the performance of a contract and/or social.plus data processing agreement, the legitimate interest, the public interest or the protection of the interests of the data subject.

5. Personal Data Transfer

social.plus Group may only make personal data available to third parties (including a personal data transfer within the social.plus Group) under certain conditions. Personal data may only be available to a third party acting as a processor based on social.plus data processing agreement or any contract likewise. Personal data may also be available to another third-party acting as a controller or a joint-controller based on relevant contractual agreements.

In case there are requirements for rectification or erasure of the personal data or for processing restrictions, under certain circumstances, social.plus will notify the relevant third parties to which the personal data were made available, unless this is not feasible or requires an inadequate effort. 

social.plus will inform a data subject on the third parties to which the concerned personal data were disclosed, only if required to do so by the data subject.

Under certain conditions, social.plus can also transfer personal data within social.plus Group or to any third countries outside the European Economic Area (EEA) or the European Union or Thailand or to international organisations to the extent that data processing needs to be performed and completed by social.plus Group. 

6. Responsibilities of social.plus Group and its Employees

social.plus Group and its employees are obliged to process the personal data in compliance with the social.plus Group' internal policies, the GDPR, the PDPA and other applicable data privacy laws and regulations. 

****************