Siam Express Travel Services Co., Ltd. (Company) provides services of travel for businesses, seminars, leisure as well as travel management for individuals and juristic persons. The Company is committed to providing personal data protection and complying with the Personal Data Protection Act B.E. 2562 (PDPA). The Privacy Policy is formulated in order to securely manage personal data of all customers.

1. Customer Consent for Data Collection

Customers acknowledge and agree that the sharing of personal data to the Company is deemed as consent for the Company to collect, use or disclose personal data according to this Policy.

“Customers” means

1. Our general customers

2. Employees, personnel, officers, representative, agents as well as other individuals related to corporate clients and individual clients who are past and future customers

In this regard, it shall be hereinafter collectively referred to as “You” under this Policy.

In cases where You provide personal data of other individuals to the Company, You are responsible to inform them the details according to this Privacy Policy as well as requesting consent from such individuals in case consent for data disclosure is required. If a data subject is a minor, an incompetent person or a quasi-incompetent person, the consent from a legal representative or a legal guardian is required according to this Policy.

 

2. Channels of Data Collection

Personal Data is collected while You are using our services or contacting us through various channels such as service employees who provide services at an office through emails, telephones, websites, applications, ticket reservations, online purchase or any other service channels of the Company. Moreover, data is collected from indirect sources such as HR Feed and your authorized persons or representatives and individuals with legal authority or who are permitted or approved to disclose your personal data to the Company. Furthermore, this also includes data from other sources that you release to the public and data from business partners and organizations as well as your data from any form and questionnaire, CCTV and others.

 

3. Objectives of Personal Data Collection and Processing

The Company collects, uses or discloses your personal data accordingly as necessary in order to achieve the objectives of providing services, performing contracts and complying with the law. Details of the objectives are as follows:

  • To perform contracts between You and the Company.
  • To provide suitable services or products that match your needs as well as responding to inquiries and giving assistance to a data subject.
  • To perform contracts, documents comparable to contracts or content of legal relation of You and the Company, or the Company and corporates that support your travel (corporates that we provide services to).
  • To comply with terms and conditions of airlines, hotels or services that You request.
  • To provide reservations service of flight tickets, hotels, car rental and other services as well as visa applications according to rules of related agencies.
  • To verify your identity.
  • To manage or execute internal tasks of the Company which are necessary according to the law.
  • To comply with the law and to cooperate with other government regulators as well as coordinating with investigation authority agencies or legal agencies, etc.

 

4. Types of Personal Data

“Personal Data” means data that identify you or can lead to your identity. Details are shown below:

1. Data that present identity and contact channels, including name, surname, date of birth, nationality, gender, identification number, passport number, signature, photo, telephone number, email, address, health information, marital status, educational background, work record (such as occupation, office, position, salary), house registration.

2. Financial data such as bank accounts, copy of bankbooks, details of credit cards or debit cards, and financial status.

3. Data from photos and audio collected while you are in contact with the Company such as photos and/or audio from CCTV, conversation via telephones, or communication via our online channels or electronic channels.

4. Other personal data that you provide in contracts and forms.

5. Sensitive personal data such as religion, blood group as shown in a copy of your identification card, details of your disability, health or abnormality which we can use to provide services to You.

 

5. Personal Data Security and Protection

The Company has formulated both technical and physical privacy protection measures together with proper management to prevent loss of, access to, use of, change of, amendment to or disclosure of personal data without authority or approval. The measures include firewall, encryption, and physical access control. In this regard, You are responsible to maintain security and privacy regarding passwords and information related to your account as well as ensuring that your personal data that the Company has retained is correct and updated.

The Company limits authorized persons (employees or staff) who can access personal data for processing based on necessity. Such persons must strictly comply with the rules of personal data protection.

 

6. Personal Data Retention Period

The Company shall retain your data according to necessity and the objectives specified above, and to comply with laws and regulations.

 

7. Types of Individuals or Agencies for Personal Data Disclosure

The Company may disclose or transfer your personal data to external parties, or your personal data may be transferred to other countries which may have or may not have the same personal data protection standards as those that exist in Thailand. To perform the objectives specified above in this Privacy Policy, the Company follows procedures and measures to ensure You that the Company complies with related laws in transferring your personal data. Moreover, individuals who receive the data have proper personal data protection standards.

We may transfer your data to our branches, subsidiaries, partners, airlines, hotels, hotel groups, car rental companies, travel agencies, civil aviation authority agencies at origins/destinations, airline management agencies, the immigration bureau, the police aviation bureau, business partners, insurance companies, and reinsurance companies. This is to allow such companies and agencies to manage data and provide related services to you.

 

8. Request Rejection or Objection

You have the right to withdraw the consent or to object the information sharing according to the Personal Data Protection Act B.E. 2562. We will notify you about the impact of the consent withdrawal in advance if such withdrawal were to impact the collection, use or disclosure of personal data under our services.

 

9. Data Controller, Contact Point and Contact Method

If you have inquiries or intend to exercise the legal right related to your personal data, please contact Group Data Protection Officer at DPO@siamexpress.com

 

Siam Express Travel Services Co., Ltd. is committed to providing personal data protection and complying with the Personal Data Protection Act B.E. 2562 (PDPA). The Privacy Policy is formulated in order to securely manage personal data of all customers.