Privacy Notice for Suppliers and Related Persons
Cornel Polymer Co., Ltd. (referred to as “we”) respect the rights to privacy of our individual suppliers (referred to as “you”). To ensure that your personal data is protected, we have created this privacy notice to inform the details regarding the collection, use, disclosure, deletion, and destruction (collectively, the “processing “) of your personal data, in accordance with the personal data protection law.
1. Why We Process Your Personal Data
1.1 We process your personal data because it is necessary for the performance of the contracts between us and our suppliers.
1.2 We process your personal data for the purposes of the legitimate interests. Examples are as follows:
(1) To perform the contract with our suppliers for procurement, inspection, payment of goods and services, relationship management, evaluate the work according to the agreements specified in the purchase order, contract, or other documents relevant to the procurement process;
(2) To manage, develop, and conduct our business operations which include administration and development of websites and applications, fraud prevention and detection, crime prevention, relationship management, maintenance of information technology (IT) systems;
(3) To protect your security such as provision of security measures, protection of your personal data, and access control;
(4) To establish, exercise, or defend your or our legal claims.
1.3 We process your personal data to protect vital interests of you or of another person, for instance, to make contact in case of emergency.
1.4 We process your personal data to for compliance with a legal obligation to which we are subject.
1.5 With your consent, we process your personal data to
(1) Enable us, the companies in our group, and our partners to send news to you via emails, SMS, applications, social media, telephone, and direct mails; and
(2) Conduct other activities in which case we will inform and request your new consent from time to time. You can find out more about consent in item 4 of this privacy notice.
2. Personal Data We Collect
2.1 When you contact us or supply products or services to us, we collect the following personal data:
(1) Contact information, especially the information available on your business card, such as email address, telephone number, office address, social media account, instant messaging account;
(2) Information used to verify your identity such as ID cards, ID number, title, name, date of birth, mobile number, email, photograph, identification information;
(3) Information related to your work such as employment, information related to your work safety and environment, bank account (for payment), and other personal data you have given to us when you contact us or supply products or services to us.
2.2 When you visit our premises, we may process your images and video recorded by CCTV.
2.3 When you contact us, we collect the following personal data:
(1) Personal information, such as name, date of birth, photograph, identification card number, passport number;
(2) Contact information such as telephone number, e mail, address, instant messaging account;
3. Cookies and Other Similar Technologies
4. Consent, Withdrawal, and Consequences
4.1 You are entitled to withdraw your consent at any time but such withdrawal will not affect the validity of the processing made prior to the withdrawal of consent.
4.2 Your withdrawal of consent or refusal to provide certain information may result in us being unable to fulfill some or all of the objectives stated in this privacy notice.
5. Retention Period
5.1 We will retain your personal data for the period necessary to meet the objectives and in compliance with the law and retention standards.
5.2 We have established a system to delete or destroy your personal data when the retention period expires or when it becomes irrelevant.
5.3 If your personal data is processed based on consent, we will stop the processing when you have withdrawn the consent. However, we may keep your personal data to record your withdrawn so we can respond to your request in the future.
6. Disclosure of Your Personal Data
6.1 We disclose and share your personal data with:
6.1.1 Affiliated companies and partners and
6.1.2 Individuals and entities which are not our affiliates (“third parties”) such as transport and logistics service providers, postal service providers, data processing service providers, marketing service providers, financial service providers, IT service providers, IT developers, programmers, auditors, consultants, advisors, government agencies, insurers, and other persons to the extent necessary to enable us to conduct business, provide products and services, and meet the purposes for the collection and processing of personal data as described in this privacy notice.
6.2 We will require persons receiving your personal data to take appropriate measures to protect your personal data and prevent unauthorized use or disclosure of your personal data.
7. Transferring Personal Data Overseas
7.1 We may send or transfer your personal data to our affiliates or other persons in a foreign country if it is necessary in order for us to perform our obligations in the contract to which you are the counterparty or contract between us and third party for your benefit, to protect your and third party’s life, body and health, to comply with laws or to the extent necessary for the public interest activities.
7.2 We may store your information on a computer, server, or cloud provided by a third party. And may use third-party programs, applications and platforms in processing your personal data. However, we will not allow unrelated parties to access to your personal data and will require such parties to have appropriate security protection measures.
7.3 In the event that your personal data is transferred to a foreign country, we will comply with applicable personal data protection laws and take appropriate measures to ensure that your personal data is protected and you can exercise your rights in accordance with the laws. Moreover, we will require those who receive the data to have appropriate protection measures for your personal data, to process such personal data only as necessary, and to take steps to prevent unauthorized use or disclosure of your personal data.
8. Security Measures
We have implemented appropriate administrative standards to protect your personal data from loss, misuse, and unauthorized access use, disclose, or destruction. We use technology and security procedures, such as encryption and access restriction, to ensure that only authorized people shall have access to your personal data, and that they are trained about the importance of protecting personal data. We will review the above-mentioned measures when necessary.
9. Your Rights as a Data Subject
You have the rights under the personal data protection law summarized as follows:
(1) Withdraw the consent you have given to us;
(2) Request to view and copy your personal data or disclose the source where we obtain your personal data;
(3) Send or transfer personal data that is in an electronic form as required by personal data protection laws to other data controllers;
(4) Oppose the collection, use, or disclosure of personal information about you
(5) Delete or destroy or make your personal data non-personally identifiable (anonymous) information;
(6) Suspend the use of your personal data;
(7) Correct your personal information to be current, complete, and not cause misunderstanding.
(8) Complain to the Personal Data Protection Committee in the event that we, our data processors, our employees, or our contractors violate or do not comply with personal data protection laws.
10. Information about Data Controller and Data Protection Officer
10.1 Data Controller: Cornel Polymer Co., Ltd.
Contact Address: Bangpoo Industrial Estate 548 Moo 4, Soi 9, Pattana 1 Road,T. Phragsa, A.Muang, Samutprakarn 10280, Thailand
10.2 In the event that you have a question regarding personal data protection,
please call 02-323-0812-3 or send your message to firstname.lastname@example.org
June 1st, 2022