บริษัท อีซี่ บาย จำกัด (มหาชน)
EASY BUY PUBLIC COMPANY LIMITED
Search | ภาษาไทย English

Personal Data Protection Policy for Employees of EASY BUY (Public) Company Limited

        EASY BUY (Public) Company Limited (hereinafter referred as “Company”) recognizes the duty under Personal Data Protection Act B.E.2562 as a personal data controller, Company is committed to protecting personal data of all employees safely. This policy shall apply to personal data that company keep during recruitment process and after resign from the company which company will explain how company use your personal data, why company collect the data that have requested, including data from the third party, what does the company do with the data and for what, also how does the company protect the data.

1. This policy apply for

        This policy is setting for all level of employees such as directors, management and current employees including job applicants, former employees, and who involve with company such as the members in employee family, emergency contact person.

2. What is the personal data

        Personal data means any information relating to the person which could identify person whether directly or indirectly but not including information of deceased persons such as name-surname, telephone number, address, e-mail, identification number, photo or work history etc.

3. Personal data collect by the company

        Your personal data were collected by “Company” where you have an employment contract or a service contract related with you or where you have worked. Your personal data that the company collected depend on your situation, role and status whether you are a job applicant, a current employee or a former employee. Company has collected your data as necessary and according to the purpose for using data that company will explain you in the next chapter. Therefore, the classification of personal data collect by the company are as follows;

Type of Personal data

Data details

General personal data

Prefix, name, surname, nickname, photo, identification number, passport number, social security number, driving license number, tax identification number, bank account number, Umay+ card number, vehicle registration number, current address, registered address, email, telephone number, date of birth, age, status, marital status, military status, education history, employment history, working skills and financial information.

Sensitive personal data

Health information, fingerprint and criminal record.

Data of third party

Spouse, family member, emergency contact person and beneficiary by collecting personal data such as name, surname, relationship, telephone number and other data as necessary.

Data of Employment

Employee ID, job position, department, employee status, start date, resign date, service year, performance, salary rate, working record, overtime, statistics of leave, training, provident fund, welfare & benefits utilize, resignation reason, evaluation, promotion and punishment.

4. How company collect your data

        4.1 Receive personal data from you directly

                Mostly, company receive personal data from you directly by collected personal data from the recruitment process, including the employment contract and employment process, however company may receive data from third parties in some cases such as;

        4.2 When you provide personal data about yourself and others

                Personal data of yourself and others that you have provided to the company. You may also provide personal data about other people such as person in your family which company uses that data to process and manage the employment benefits or contact your relatives in case of emergency.

        4.3 Company may collect your personal data from other organizations

                Company may collect your data from other organizations for the recruitment and selection process such as requesting information from your former employer and check other background which permitted by law, including in the case that you apply for a job with us through a recruitment agent or the job search website, please review and check the personal data protection policy of each recruitment agent well.

5. Objectives and base of data processing

        Company will process your personal data with objectives, scope and lawful, transparent and fair methods under the base of data processing as following;

        5.1 To comply with the employment contract between you and the company or in order to process your request before becoming an employee of the company according to the job application process.
        5.2 For the purposes of legal compliance and / or to achieve objectives regarding Labor Protection, Social Security, Medical Welfare and evaluation of work ability.
        5.3 For the benefits in accordance with the law of the company which will not violate your basic or freedom rights.

        Company will request your consent in case required by law or company has no objectives to use the above data to process personal data collected from you.

        Objectives and details which will be inform as follows depends on the situation of your status that you are a job applicant, a current employee or a former employee.

        For Job applicants

                Company will use your personal data as necessary to evaluate the suitability of job applicants for the job position and to verify the accuracy of data that you have provided to the company.

Objective of operation

Details

1. For recruitment process

1) Company uses your personal data for evaluate that you are suitable for the roles and responsibilities in the position that company recruit or not and to manage the job interviews or evaluation when you have applied for a job with the company directly or through a recruitment agent or a third party. Also use for contact you since process of prepare, perform, evaluate, and give feedback about evaluations and interviews result in case company offer a job to you.

2) To evaluate that you are suitable for the job position you have applied or not, company may ask you to do a test or answer the questions about your personality details and / or interview which information may be obtained either from yourself and company.

3) Line Manager who is accepting applications for the company may be select the application for interview based on the details you have filled in the job application with the company.

2. To check work history or matching work before the employment

1) To check in the case of you have previous work history with the company and the reason why you have resigned including to check that you have ever applied job with company before or not and propose suitable job if you are interest in other vacant positions in the company.

2) To perform pre-employment check in order to evaluate your ability of work in accordance with the law permitting such as job qualifications, health information, criminal record and checking the reference person that you have provided to the company.

3. To analyse the data and make the reasonable changes

1) To make the reasonable changes for the recruitment process to be in accordance with what you have informed to the company or what the company knows.

2) Due to this objective, company may collect data about you in order to help the company evaluate that there should be adjustments or not, which is necessary or follow the work restrictions that you have applied.

4. To consider other suitable positions in the future

1) If you are not pass in evaluation on your applied job position, company will keep your data in our database for 1 year to contact and offer positions that may suit you in the future.

2) In case you would like us to delete your data, please contact company by email at Jobs@easybuy.co.th

        For current employees

                Company will use your personal data for employment contract relate between you and company including objectives for legal compliance and/or as is necessary for the benefit in accordance with the law of the company which will not violate your basic rights or freedom rights.

Objective of operation

Details

1. To perform the role as “Employer”

1) To perform the role of employer which include allocation and manage your responsibilities and business activities that company get involved.

2) To perform and manage human resource including maintaining and implementing of the general records which is necessary for employees management and operating the employment contracts or service contracts between you and the company, company will processing the fingerprint data that collected from you.

3) To your working evaluation, consideration for promotion, salary adjustment including payment of bonus and helping you to modify the appropriate working style.

4) To develop your knowledge skills such as training, knowledge certify including helping you success in your career path and for your succession planning.

2. To perform compensation, welfare and various benefits

1) To perform payroll processing, paying salary and other compensation. Company need to send your information to the payroll service outsource in order to process your salary including the implementation according to the laws such as calculate Personal Income Tax, Social Security, Legal Loans, Student Loan and Department of Legal Execution by submitting your information to the government organization as required by laws.

2) To provide welfare and others benefits for you. Company gives you the opportunity to choose welfare that you have the right such as the Annual health check, the company will collect your health information. Company need to share your personal data to the third party who is the service provider for that welfare such as health insurance providers, Provident Fund Management Company, Housing Loan Bank, in order to such service providers will contact you or you may register with those service providers directly including providing information about the beneficiaries you have informed in case of pass away or other benefits to the relevant third party.

3) In case of using family welfare such as family health insurance, company need to collect personal data of your members family and forwarding information to service providers for benefit of insurance coverage to you and your family.

4) To provide a welfare & benefits such as marriage, childbirth or family member’s death, company must request a support documents with information of your family members in order to consider a financial welfare & benefits in accordance with the company policy.

3. To support work process, communication including other activities

1) To support data in internal & external processes of the company. For Personnel management in various cases which may need to send your information to relate party by using information as necessary according to the objectives of each process only.

2) To set authorize in your working systems to facilitate your work.

3) To perform the itinerary or accommodation related to works including disbursements of expenses related to works.

4) In order to examine your knowledge & comprehension, doing questionnaire or survey and evaluate the results of that tests or surveys.

5) To communication and coordination including announcements or public relations activities both inside and outside the company. Company may use personal data such as name, surname, your photos in various activities distribute for public relations according to the objectives of each activity.

6) To facilitate you about training, seminars, including off-site activities. Sometime company will send your personal information as necessary to external service providers in order to prepare a bus, food, accommodation for you.

4. To monitor related works communication

1) In order to comply with relevant laws, the company is required and reserves the right to control and monitor electronic communications that has been sent by using the account, network and equipment that company have provided to you for work purposes to ensure that the company information resources used correctly and follow the law and company policy.

5. To monitor and manage complaints

1) To monitor and manage complaints which involves the administration and conducting a review of work performance, skill, leave, violation, complaint, investigation and any procedures including personnel procedures both formal and informal relevant management decisions and whatever is needed under your contract with the company.

2) Including manage requests that you may have with us in case you need our help to give you the opportunity to participate in activities and programs according to the employee benefit and rights.

6. To protect Health and safety at workplace

1) To process about leave information or medical information related to physical and mental health or status of incomplete or disability which involves the compensation or welfare, in order to evaluate competency of work, re-employment, management decisions about employment or any obligation including any actions regarding to the relevant procedures.

2) Assistance in case of an injury from work, illness, management of your health and safety, support for anything you may need and contact to the person you have given in case of emergency, if necessary.

7. For financial reporting and business analysis

1) For management, budget planning and accounting management and future plans including business operations and reports.

8. For legal and compliance audits

1) To monitor and perform as required by laws, regulations including record of accepting gifts, gratuity or remuneration and Anti-Bribery and corruption report, ethics and business ethics.

2) Compliance with applicable laws and regulations such as working hours, health and safety laws, tax regulations, social security, legal enforcement, educational loan funds, labor consulting, labor law, including the company regulations.

9. For requests from the government and legal claims

1) To comply by laws with requests from the government, requesting to fill out any documents related to the effective law, the court, orders, governmental regulations or organization with regulatory powers including management of taking legal action cases by us or against us, which the process will be done in high confidential.

        For former employees / after resign from the company

                After resigned or end of employment contract with the company, company may need to keep your personal data in order to implement the business obligations.

Objective of operation

Details

1. To manage business continuity

To understand and keep evidences of decisions in your role and to maintain the knowledge to remain with the business after you resigned from the company.

2. For analysis and retain the company employees

To understand the reason you have decided to resign from the company, company needs to use such information to improve the company business operations.

3. For legal obligations and manage legal claims

To comply with legal obligations related to your employment such as the Revenue Department, including to handle claims or disputes about you or others, because of company has a legal obligation to provide information or to protect the company by leading or disputing that claim.

6. Disclosure of your data

        6.1 Inside the company

        Your personal data may be disclosed or delivered to departments inside the company, only relevant and have a role as necessary only for the purpose to perform the processes of the company, and for internal management and communication by these personnel or teams of the company may be allowed to access your personal data as needed;
                 Only relevant Human Resource Officer or other department officer by authorized to access data according to the roles and responsibilities.
                 Your executive or direct supervisor who are responsible for managing or making decisions about you or when dealing with personnel procedures.
                 Divisions or support teams such as IT

        6.2 Outside the company

                Your personal data may be forwarded to external organizations and company would like to inform you a brief names list as follows;
                External service providers: organizations and sub-contractors of external service organizations that provide information services and / or support such as payroll outsourcing service providers, provident fund management company. For welfare & benefits such as health insurance company, accident insurance, training service providers, Employee points program (Point), Evaluation for organization management.
                When company uses services from third party, company must ensure that those service providers comply with legal requirements and your personal data will be protected by appropriate technical and organization.
                The Professional Consultant of the company: such as Audit, Consultant
                Customers: Company may need to deliver your data to customers in case necessary to manage and deliver services to them.
                Government Organization: Company may send your data to Government Organization such as Revenue Department, Social Security Office, Department of Labor Protection and Welfare, Legal Execution Department, Student Loan Fund, Department of Skill Development, National Office for Empowerment of Persons with Disabilities, Bank of Thailand, Securities and Exchange Commission, Ministry of Commerce and Ministry of Labor in order to comply with legal requests. Company will only send your personal data that comply with law and in accordance with what we consider it is necessary.
                Organization or third party:In some cases, company confirm your data to organizations or third party who have inquiries for the purpose of verifying your various transactions such as apply or use credit service, apply for a job, the company will confirm only the employee status and other information as you have disclose to the said organization or third party only.
                In case that we received consent from you, we may disclose your data to new employers to certify the previous employment or providing your information to the educational institution that you have studied to improve the quality and education standards or the quality of graduate research project.
                Therefore, you can notify your request at any time to undisclosed such information to organization or external organization by contact to pn.center@easybuy.co.th

7. How to protect your personal data and term

        7.1 How company protect your data

                Company has complied with appropriate technical and organizational measure in order to protect your personal data. When we need to transfer your personal data to a external service provider, we will do when we have the appropriate protection system to protect your personal data.

        7.2 Term of keeping your personal data

                Company will keep your personal data as long as necessary for the purpose of what we have collected and maintained. Generally, it will be according to the period you were employed or have an employment contract with the company and the period required by law to maintain data after the end of contract such as tax information need to keep at least 5 years, your work history need to keep at least 10 years to handle claims or disputes related to you or others because the company has a legal obligations to provide information or to protect the company by lead or dispute that claim.

8. Your rights

        You have the right to perform as follow;

        8.1 Right to consent withdrawal

                You have the right to withdraw your consent about personal data that you have given consent with the company throughout the period of your personal data being keep by company.

         8.2 Right to access the personal data

                You have the right to access your personal data and asking for the company to copy the said personal data for you. Including asking for the company to disclose the acquisition of personal data that you did not give consent to the company. If you are an existing employee of the company, you can access your personal data by yourself through the company system.

                However, the company may reject your request if accessing and requesting a copy of that personal data will affect the rights and freedom of another person, or the company must comply with laws or court orders prohibiting disclosure of that personal data.

        8.3 Right to transfer the personal data

                You have the right to transfer your personal data that you have provided to the company to another data controller or yourself for some reason. Exceptional in case of against the law or affects the rights and freedom of other people.

        8.4 Right to object the data processing

                You have the right to object the processing of your personal data for some reason. Except in the case that the company has legally necessary to collect data or must comply with relevant laws of maintaining such data.

        8.5 Right to erasure the personal data or suspending the use of personal data

                You have the right to request company to delete your data or suspend the use of your personal data for some reason. Except in the case that the company must comply with relevant laws or exercising legal rights for maintaining such data.

        8.6 Right to correct the personal data

                You have the right to request us to edit incorrect information or fulfil information completely. If you are an existing employee of the company, you can edit your personal data by yourself through the company system or fill out documents according to the company's procedures.

                You can submit your request to perform the rights above according to the address below. It has no cost for apply and implementation which company will inform the result of consideration within 30 days from the date of company received the request.

9. Contact

        For more details about Personal Data Protection Policy, please contact;

        EASY BUY Public Company Limited
        5th Floor, Sathorn Square Office Tower, 98 North Sathorn Road, Silom Subdistrict, Bang Rak District, Bangkok 10500
        Phone: 0-2684-3333 Fax: 0-2695-0298
        Website : www.easybuy.co.th
        อีเมล์ : dpo@easybuy.co.th

Changes to Personal Data Protection Policy

        Personal Data Protection Policy will be update time by time, once it need to be updated, company will announce the update version through company's website for all employees acknowledgement.

Web Browser Recommended: Internet Explorer version 10 or later, Mozilla Firefox, Safari, Google Chrome